Syscoin client replaced with a malicious version

The users of “Window” (obviously, Windows) are being advised to review the client of Syscoin installed between 9-13 June 2018. The reason for concerns here is because of the unknown group of hackers who used one of the classic phishing techniques - changed the download link to a malicious one. Somehow, the operation has been conducted on the project GitHub page which multiplied the number of victims.

#Syscoin #Security Notice: If you are a Window user and have downloaded syscoin-qt 3.0.4.1 between June 9th and June 13th, please read this now! https://t.co/7hTtobPEKr pic.twitter.com/RVEieXS32l

— Syscoin (@syscoin) 14 июня 2018 г.

The virus is not exactly new, as the development team found out about it after some users decided to make inquiries regarding their clients being marked as harmful by anti-virus programs. The full name of this password-stealing kit is Trojan:Win32/Feury.B!cl, its main executable file (re.exe) is located at C:\Users\user\AppData\Local\Temp - although it’s always better to run a special scan in order to delete potential traces of the virus in the system register.

The price of Syscoin has dropped, but judging by the stats on Coinmarketcap, this is likely a continuation of the overall trend of the crypto market rather than the local panic of investors. The fact that the cryptocurrency blockchain has not been compromised in any way might have played a decisive role.

Image: stock photo