Monero’s command-line interface (CLI) tools available at getmonero.org may have been compromised over the last 24 hours. The team notes that the hash of the binaries available for download did not match the expected hashes. A professional investigator going by the name of Serhack said that the software distributed after the server was compromised is indeed malicious, stating: I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained the wallet.”]
Source: https://cointelegraph.com/news/malware-on-official-monero-website-can-steal-crypto-investigator