en
Back to the list

Windows version of popular Wasabi BTC wallet has been duplicated by scammer

source-logo  chepicap.com  + 2 more 22 March 2019 12:30, UTC

Scammers create a fake website that contains links to download Wasabi Bitcoin wallet, the links point to the original source, except the Windows version. 

Popular open source Bitcoin wallet, the Wasabi wallet’s users or potential users should be more cautious if they want to download the Windows version of the wallet.

To those unfamiliar with Wasabi wallet, it’s an open source Bitcoin wallet that uses “shuffling” technology, like what Tor uses, in order to provide users with additional privacy while using Bitcoin.

The co-founder, nopara73 just posted on Twitter that there have been malicious people who created a website that contains the links to download Wasabi wallet.

The fraudulent website, wasabibitcoinwallet[dot]org lists four versions of the wallet, which are macOS, Windows and 2 Linux versions.

While the links of the macOS and Linux point to the real Wasabi wallet on GitHub, that’s not the case with the Windows link.

If the Windows link is clicked, it will automatically download a .msi file that’s hosted by the malicious actor’s website directly.

The first malware that pretends to be Wasabi: https://t.co/08VrjnrVsr

Notice only the Windows download link points to their own website, the rest is to our GitHub? pic.twitter.com/t7jKViESZ2

— nopara73 (@nopara73) March 21, 2019

Interestingly, antivirus engines couldn’t detect any malware inside the installer.

Oh boy. This is going to be messy: pic.twitter.com/0RLUcrztxK

— nopara73 (@nopara73) March 21, 2019

After further investigation, Nopara73 found out that the fake version is “not a virus yet”, but definitely a scam.

Quoting what he told The Next Web, “It may not be a virus yet, they may just be building up their userbase. It may be a virus, but they’re doing a selective scam.”

“The Linux and OSX users would vouch for the site, because their software is the original one, so that’d create confusion in forums where they spread the link,” he continued.

On why the scammers chose the Windows version, he predicted that it is probably too difficult to develop “modified Wasabi” for the other platforms.

Nopara73 also mentioned the steps he has taken so far to obstruct the scammers’ efforts, “Now unfortunately for them, they don’t have the signing key I’m using to sign the binary on Windows, so when you’ll try to install their software, Microsoft will complain: ‘Hey, this software has an unknown publisher.’ I wonder if this jeopardizes their efforts.”

Just yesterday a malware that targets forex and crypto traders were reported by researchers at Palo Alto Networks’ Unit 42.

Read more: Old malware rises back to life, now targeting forex and crypto traders

chepicap.com

Similar news (2)
Add similar news