Monero's official website got compromised today and was infected with malware designed to steal coins :
https://www.zdnet.com/article/official-monero-website-compromised-with-malware-that-steals-funds/This got me thinking : do Dash users know how to verify the provided hash file that is available with the official Dash downloads ? (to verify if they have downloaded the correct official Dash Core Wallet file ?)
So i wrote this quick hash verification procedure for Dash users that are using Windows 10 / Windows 7.
When downloading from the official
https://www.dash.org/downloads website, you will often come across this 'Hash File' :
After downloading such a 'Hash File', you end up with a SHA256SUMS.asc file. This .asc file can be opened with notepad / notepad++
which shows you the hash for each download and which looks like this :
Now lets for example download 'dashcore-0.14.0.3-win64.zip' and verify its hash to make sure that the downloaded file is actually the correct file with a match to hash number '0c3fe9a3658f4b676596154b085793fe6674f4d2c5c6015146f8bcedc883e25a'
For Windows 10 users, i suggest using Windows PowerShell (Admin), which you can find when you right click on the Windows Startbutton. For Windows 7 users i suggest you search
for Windows PowerShell within Windows 7.
Within Windows PowerShell (Admin) use cd to go to your download directory, use ls to list the files in there and then use command CertUtil -hashfile fullfilename* SHA256
* you can select and then copy (ctrl c) and paste (ctrl v) the full filename from within PowerShell
As you can see the hash of the file i downloaded (dashcore-0.14.0.3-win64.zip), match with the provided hash in the Hash File.
The same can (and should) be done for other files like the Linux x64 file, when you for example need to update your online server / masternode.
Since it looks like we will be having a Dash Core Wallet update (v0.14.04) soon, we all will have an excellent opportunity to practice this.
