Seems like you don't need to be worried anymore. They have posted a statement https://electrum-ltc.org/ that states the attack happened not before the 31st of July though.

And at best those come from a source not that easy to manipulate

Good for you , for your other machines, best of luck to you that they are not affected.

Well, from what I've read it is worse. This is effectively able to execute arbitrary code downloaded from that ip in the code snippet from the chat log he posted. But in short: yes, but worse.

But he already wrote how to check if you're infected, just search in the electrum file for "subprocess", this should not be there from what I can see from the official source code, so any occurance would indicate an infection.

Btw. I would guess that it is unlikely that you've got an infected version, as probably your coins would be already gone , but better check twice though.


Edit: and a suggestion to all of you: You should know that checking against checksums, like this is now stated on their site is no protection! They can be manipulated as well, what you should expect are gpg signed checksums instead from a trusted source. If someone takes over their site, which seems to just happened, those hashes and provided ascs and even the information of the signer fo their archives wont save you either, as the hackers just manipulate those too! Yes I know there is an additional signing, but I bet no one of you could make a difference out of it as you probably don't know who should have signed it and all the contents could be manipulated. But hey, you're downloading third party software outside of a controlled environment like your package manager don't you? So expect this to happen...

Does not change anything, it is your WebApp that is just badly written (I'm sure you can do better ). As said the bad performance is notable just by having your website open and not doing anything Just look at the primedice single page app, which performs for a order of magnitudes better.
Don't understand me wrong, this is not ranting at you and I don't want to offend, just criticizing things you can do better. Thank you for your answer so far

What about my other question?
"As you've written check daily on KingDice.com, is there a notification about the happy hour on the website too? I did not noticed any though, but a friend of mine referred me to this thread, as I wondered why suddenly the claim changed. Would be quite convinient for existing gamblers to get notified directly on your page though if it is not already there and I am just blind "

As you've written check daily on KingDice.com, is there a notification about the happy hour on the website too? I did not noticed any though, but a friend of mine referred me to this thread, as I wondered why suddenly the claim changed. Would be quite convinient for existing gamblers to get notified directly on your page though if it is not already there and I am just blind

Cool action though. Btw, I do like your DiceGame, but you should work on the performance of your WebApp. This monster eats up a lot more CPU than it should, just by being open :p