A scam website was discovered from which it was possible to download the various versions of the Wasabi wallet.
However, the Windows version was different from the original and contained malicious code. It wasn’t difficult to realise the fraud because the domain of the website didn’t correspond to the original one, wasabiwallet.io, however, the domain name used could mislead inexperienced users.
This is not the first time that hackers have targeted a service and copied its content, adding malicious software to it in order to mislead the unfortunate. The usual victims of these scams are the people who have only recently approached this world.
A developer of the original Wasabi wallet, nopara73, noticed the scam website and also published a screenshot of the site, which has now been put offline. The fake domain was registered on March 12th, so the fake site was online only for a few days.
The developer scanned the software file with an antivirus, noting, however, that it passed the virus check without any problems: in fact, the antivirus does not always manage to detect this type of modification compared to the original.
In the past, the famous Electrum wallet has undergone similar attempts by malicious people: all this is possible because the source code is public and anyone can download it and create a modified copy. If scammers can distribute it, they can actually spread malicious software without any particular problems.
In these cases, the thing to do is to always verify that the domain of the website corresponds to the original one, for example by searching on search engines: these, in fact, most likely index the original website, whereas the fake ones should be blocked.
For those who don’t know it, Wasabi is a wallet famous for having a high level of privacy for Bitcoin transactions, using a system called CoinJoin that allows to cloud transactions. It is therefore very useful, so much so that it has been chosen by many users precisely to maintain a high level of privacy for their BTC.