Unknown attackers have created a fake site to download the popular anonymous bitcoin wallet Wasabi. This was announced by a leading developer Wasabi Adam Ficsor (nopara73).

The first malware that pretends to be Wasabi: https://t.co/08VrjnrVsr

Notice only the Windows download link points to their own website, the rest is to our GitHub? pic.twitter.com/t7jKViESZ2

— nopara73 (@nopara73) 21 Mar 2019

On the fraudulent website wasabibitcoinwallet(.)org there are four links to the latest version of the wallet for macOS, Windows and two for Linux.

It is noteworthy that they all direct users to the real wallet Wasabi is hosted on GitHub, with the exception of links to the Windows version that downloads suspicious. MSI file that is posted directly to the website of fraudsters.

While Adam Ficsor pointed out that the antivirus engines are not able to detect the malware.

Oh boy. This is going to be messy: pic.twitter.com/0RLUcrztxK

— nopara73 (@nopara73) 21 Mar 2019

In the course of further investigation, the developer found that the fake version is not merely a virus, but some kind of a Scam.

“Perhaps the attackers with the help of this sample create your database users. Users of Linux and macOS will vouch for the site because their software is original, so it can create confusion on the forums where they spread link”, — suggested Ficsor in comments The Next Web.

He also added that the scammers have recreated a version of it for Windows, since the development of the “modified Wasabi” for other platforms was just too strong for them.

“The attackers don’t have a key I use to sign binary file in Windows. Therefore, when you install their Microsoft software will alert you about unknown publisher. But it is unlikely the average user will pay attention to it”, — warns the developer.

In December last year ForkLog published an extensive interview with team Wasabi Wallet.

Recall that in November 2018 in the Google Play store was detected by the app, simulating wallets for Neo, Tether and Ethereum, and expansion MetaMask. App stealing data from credit cards, as well as information for mobile banking.

Source