It's all about trust. No one wants to entrust their bitcoins to dodgy software.
Don't trust, verify!
Which is why, regardless of the fact that I always download Electrum from electrum.org... I will always verify the digital signature before installing and using it. I also always check the Electrum website on a semi-regular basis to look for updates.
In my opinion, Electrum isn't "dodgy"... and at the end of the day... the real blame lies at the feet of the scumbags executing these attacks.
