Decompiling the Electrumpro Stealware

Electrum is a popular Bitcoin wallet, distributed on electrum.org and spesmilo/electrum.

A few weeks ago, scammers bought the electrum dot com domain and started using it to distribute ElectrumPro, a modified malware version of Electrum that steals its users’ bitcoins.

The Electrum team published a guide to decompiling the ElectrumPro binary on Windows to prove that it is indeed stealing from users:

This document describes how to decompile the “Electrum Pro” Windows binaries, and how to verify that they indeed contain bitcoin-stealing malware. We previously warned users against “Electrum Pro”, but we did not have formal evidence at that time.