The main question is who actually downloaded the phoenix miner from the unofficial sources and then included it in their nicehash software package for everyone to download? Answer:
nicehash employees*
So don't blame the Phoenix now as he is not here to defend himself. So far it has proven to be stable software so I'll keep using it myself.
Also, there is no proof it is malicious so I'd advise nicehash against spreading the fud based on a single fact that it was removed from Mega. Claymore was also removed from Mega and no one panicked about it.
I know they're working on their excavator and they don't need/want phoenix anymore, but that's not the way to handle such transition. Very unprofessional, classic nicehash.
Edit: *NiceHash later confirmed that they
didn't add the malware to their software package. They however still didn't confirm or explain which checksum they've compared and where.
Edit 2: Matjaž "djeZo" Škorjanc stated that NiceHash will publicly apologise to Phoenix miner team, but still insisting that I'm spreading the FUD. I'm not. But I have to explain why I've posted this.
They are trying to turn their PR failure (or whatever it was) into FUD against NH lead by me, again to demonstrate they can attack anyone they want at any time with their massive outreach. Phoenix, Trex, ... me on the personal level or anyone else, even the media.
My statement was based on their official statements and unofficial comments made by their team members.
Now, here is why I was 100% sure that NiceHash has included unofficial miner to their package:1) NiceHash dev suggesting extreme precautious regarding Phoenix miner although the last version was released in 25th January 2021.
2) NiceHash tweet suggesting extreme precautious - suggesting that this is a press-release worthy incident and retweet is needed so the largest possible amount of people outside NH will see this as well.
3) "Control shasum from new download locations does not match the value published by the developer on his channel!" While we all know that last Phoenix release was on 25th January 2021.
4) Matjaž (original founder of NiceHash) threatened me in private here on Bitcointalk to delete all my posts or else I will see the consequences.
5) They didn't provide the key information where did they get the software from; or if that software was actually used or not; or if it they used it only for shasum comparison purposes.
6) No other mining management system reported similar incident, so it must look like it happened only to NiceHash.
All that has summed up to make it clear for me that they did actually packed the software in their release. Otherwise it wouldn't be that urgent to tell all the people to immediately stop using the software and format their drives, move crypto wallets elsewhere, ... why else would they suggest that if they didn't push the .exe to user's computers by mistake? That was my only obvious conclusion. Then threats only made it more suspicious as it looked like they wanted to cover their tracks of their failure and bring all the storm upon Phoenix miner. Which we are using it for 3 years and we trust it.
All that said - I couldn't have assumed anything else than what I wrote. The drama started about 9:40 AM CET with their Tweet.