A fake version of Wasabi wallet, probably designed to steal bitcoins, has emerged online at wasabibitcoinwallet.org. (Don’t visit that site.)


Quidax: best bitcoin wallet in nigeria

According to Wasabi developer nopara73 (the only confirmed identity he has), the site is only trying to assault Windows users. Only the Windows version of the wallet is actually non-legitimate. The rest of the download links on the site direct to Wasabi’s actual Github repository.View image on Twitter

View image on Twitter


Quidax: best bitcoin wallet in nigeria

The first malware that pretends to be Wasabi: http://wasabibitcoinwallet.org 

Notice only the Windows download link points to their own website, the rest is to our GitHub?7510:16 AM – Mar 21, 201953 people are talking about thisTwitter Ads info and privacy

Join CCN for $9.99 per month and get an ad-free version of CCN including discounts for future events and services. Support our journalists today. Click here to sign up.

Nopara73 downloaded the off-brand version of the wallet and the anti-virus software he’s using found no problems with it. For him, that makes the issue all the more concerning:

nopara73@nopara73 · Mar 21, 2019

The first malware that pretends to be Wasabi: http://wasabibitcoinwallet.org 

Notice only the Windows download link points to their own website, the rest is to our GitHub?

View image on Twitter


Oh boy. This is going to be messy: pic.twitter.com/0RLUcrztxK2110:19 AM – Mar 21, 2019Twitter Ads info and privacy

View image on Twitter

See nopara73’s other Tweets

An insecure or compromised Bitcoin wallet can cost someone thousands of dollars. Wasabi is not the first wallet to have a pretender emerge. Fake Electrum wallets have come out in the past, but the community is pretty quick to warn people.


The nature of open source software is that anyone can create a clone and change it anyway they want. This is actually the intended effect. The terms of the GNU Public License, however, make it illegal to release a product of the same name.

Therefore, if an open source developer is able to identify someone who does this, they have an enforceable licensing agreement to sue based upon. Unfortunately, open source license based lawsuits are rare.

Nevertheless, open code is viewed as more secure. Vulnerabilities are found quickest when the widest number of people are able to look for them.

Wasabi wallet has grown in popularity. The official website for it is wasabiwallet.io. Wasabi implements native “coin joining,” a strategy to Bitcoin wallets. It is one of the first wallets to do this natively in Bitcoin. The concept is not unlike the privacy features implemented by Evan Duffield into DarkCoin, which later became Dash. According to the Wasabi website, the platform works best when a lot of people are using it.


An in-depth explanation of how Wasabi implements privacy can be found here.

Despite the transparency of the Bitcoin network, it’s difficult to know the actual distribution of wallet usage. Many wallets use a backend like bitcoind or connect remotely to a node, as is the case with most mobile wallets. However, Wasabi is reportedly one of the most popular wallets in Iran, a country where using cryptocurrency is technically illegal although the country launched its own blockchain.

A fake version of a reliable Bitcoin wallet is a serious financial risk, especially if someone is switching wallets and inadvertently imports an existing private key. The effect can be devastating and quick. Fortunately, the news of this fake Wasabi site has spread pretty quickly. It’s unlikely to be the last. The Internet, for all its safeguards and policing, remains very much the wild west.

If it turns out that the false Windows version of the wallet isn’t stealing coins, it could be something much worse: an attempt to de-anonymize Wasabi users.

Leave a Reply

Your email address will not be published. Required fields are marked *