Zcash Community Members Find a Fake Version of the ZecWallet






Zcash community discovers fake ZecWallet

Members of the Zcash (ZEC) community have found a suspicious and possibly malicious fake version of the ZecWallet. A Twitter post reported the finding on October 20, noting that the wallet likely contains malware.

Electric Coin Company, Zcash’s developer, retweeted the post, which read,

The tweet contained a screenshot of an announcement for the fake wallet. Per the screenshot, the creator of the wallet promised users that installing it would let them use the ZecWallet fully, including both transparent and shielded addresses. On top of this, the creator noted that the wallet would have several new features: a dark mode, translation updates, and address validation, along with other minor bug fixes and improvements.

However, according to the member who made this discovery, the counterfeit wallet’s creator gave the wrong address for downloading the wallet. The developer also used the wrong logo.

Zcash Woes

Before this, a report revealed that a bug in all Zcash versions and most of its forks posed a critical threat. Duke Leto, the developer of Komodo (KDM), found this bug on September 27. According to him, exploiting the bug could have leaked metadata revealing the IP addresses of full nodes with shielded addresses (zaddr).

Leto said,

A bug has existed for all shielded addresses since the inception of Zcash and Zcash Protocol. It is present in all Zcash source code forks. It is possible to find the IP address of full nodes who own a shielded address (zaddr). That is, Alice giving Bob a zaddr to be paid, could actually allow Bob to discover Alice’s IP address. This is drastically against the design of Zcash Protocol.

Per Leto, this vulnerability poses a threat to anyone who had published their zaddr or provided it to a third party.

This news comes after ESET, an antivirus software supplier, found a “trojanized” version of the Tor browser. Per ESET, this version sought to steal BTC from buyers on the darknet. The counterfeit browser reportedly targeted Russian crypto enthusiasts.

ESET reported that two sites were responsible for distributing the fake browser: tor-browser[.]com and torproect[.]org. According to ESET, the browser had been stealing crypto since 2017 by swapping out the original crypto address of crypto buyers.
