The malware is being spread under the guise of ZecWallet, and it has been discovered on GitHub. The ZCash cryptocurrency community has discovered a potentially malicious fake version of the ZecWallet native wallet. The program is located on GitHub, users were reminded that when downloading it is necessary to verify that the download is from the official repository.
“We discovered a fake version of the ZecWallet – cryptocurrency wallet, which probably contains malware (the size and checksum are different). Double check what you’re downloading from the official repository on GitHub” – the official tweet says.
Earlier on the Zcash network, a vulnerability was discovered that could lead to leakage of users IP’s addresses. According to developer Jonathan Leto, all users who publicly disclosed their shaded addresses were at risk.