ARK.io's co-founder just posted on his Twitter account that a compromised version of the Windows wallet was uploaded to the official GitHub and advised users to delete it.
ARK.io's co-founder, Matt DC, just posted a tweet saying that a compromised version of the Windows wallet was uploaded to the official GitHub in the last 24 hours. The compromise allegedly happened in Korea and affected one of ARK's developer accounts.
The team has removed the compromised version and advised users who downloaded it within that time frame to delete it.
An @ArkEcosystem developer account was potentially hacked during the visit to Korea. A compromised version of the windows wallet was uploaded to the official github within last 24 hours. The file has been removed. If you downloaded the wallet in last 24 hours, please delete. — Matthew_DC (@Matthew_DC) July 15, 2018
DC said that only the Windows wallet was compromised and assured users that the other wallet versions are safe.
The compromise was reported by a user who downloaded the Windows wallet installer and found several things that aroused his suspicion. The user said the downloaded file "did not match the checksum published on the GitHub releases page" and that a new download didn't fix the problem.
The installer also asked to install a new root certificate, and the user found that "something has placed a proxy server in the directory" %localappdata%\Microsoft\CLR_v2.0
When he checked further, he discovered that both Windows versions had been uploaded just one day earlier, while the Ubuntu, MacOS, and Linux uploads were from the previous month.
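The two checks the user describes (comparing the download against the published checksum, and noticing that some release assets were uploaded much later than the rest) can be scripted. The following is an added example, not code from ARK or from the report; the file names, timestamps and file contents are constructed, and the asset records only assume a `name` and an `updated_at` field as returned for release assets by the GitHub API.

```python
import hashlib
from datetime import datetime, timedelta
from statistics import median

def sha256_matches(data: bytes, published_hex: str) -> bool:
    """Compare a download's SHA-256 with the checksum published for it."""
    return hashlib.sha256(data).hexdigest() == published_hex.strip().lower()

def late_uploads(assets, tolerance=timedelta(days=1)):
    """Names of assets uploaded more than `tolerance` after the median upload
    time of the release. Assumes most assets are still the original uploads."""
    stamps = {
        a["name"]: datetime.fromisoformat(a["updated_at"].replace("Z", "+00:00")).timestamp()
        for a in assets
    }
    mid = median(stamps.values())
    return sorted(n for n, t in stamps.items() if t - mid > tolerance.total_seconds())

def audit(name, data, published_hex, assets):
    """Return the list of warning signs found for one downloaded asset."""
    findings = []
    if not sha256_matches(data, published_hex):
        findings.append("checksum mismatch")
    if name in late_uploads(assets):
        findings.append("uploaded later than the rest of the release")
    return findings

# Constructed sample data (hypothetical names, dates and contents).
ASSETS = [
    {"name": "wallet-linux.tar.gz", "updated_at": "2018-06-12T10:00:00Z"},
    {"name": "wallet-macos.dmg", "updated_at": "2018-06-12T10:05:00Z"},
    {"name": "wallet-ubuntu.deb", "updated_at": "2018-06-12T10:10:00Z"},
    {"name": "wallet-win32.exe", "updated_at": "2018-07-14T21:00:00Z"},
    {"name": "wallet-win64.exe", "updated_at": "2018-07-14T21:02:00Z"},
]
ORIGINAL = b"constructed installer bytes"            # what the checksum was computed over
PUBLISHED = hashlib.sha256(ORIGINAL).hexdigest()     # checksum shown on the release page
TAMPERED = ORIGINAL + b" plus replaced content"      # what a user actually downloaded

if __name__ == "__main__":
    print(audit("wallet-win64.exe", TAMPERED, PUBLISHED, ASSETS))
    print(audit("wallet-linux.tar.gz", ORIGINAL, PUBLISHED, ASSETS))
```

A checksum listed on the same release page is only an independent check as long as whoever replaced the file did not also edit the published value, which is why the upload-time comparison is worth running alongside it.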
The ARK team replied to the report soon afterwards, saying that the Windows files had been removed.
Furthermore, DC said that the team is still investigating the issue and will provide updates on their official blog.
We are still investigating the matter and a full follow-up will be posted to the blog once we can fully resolve what happened. Only the Windows wallets were impacted. — Matthew_DC (@Matthew_DC) July 15, 2018
As a precautionary step, he asked all users to enable 2-factor authentication and check all exchange accounts, email, social accounts and anything else that is used frequently.
As a precaution, all users should enable 2-factor authentication wherever possible. Please check your exchange accounts, social media, email, and anything else you frequently use and enable 2fa if not already enabled. For your $ARK Wallet, use @LedgerHQ Nano S to be safe. — Matthew_DC (@Matthew_DC) July 16, 2018