Warning: Electrum versions older than 3.3.4 are susceptible to phishing. Do not download Electrum from another source than electrum.org, and learn to verify GPG signatures.
Latest release: Electrum-4.2.2
Release notes – Previous releases
Our executables are reproducible, and are signed independently by several builders.
The current executables have been signed by ThomasV, SomberNight, Emzy.
Sources and Binaries
 Python (3.8 and higher) | Electrum-4.2.2.tar.gz | Signatures |
 Linux | Appimage | Signatures |
 Windows (8.1 and higher) | Standalone Executable | Signatures |
| Windows Installer | Signatures | |
| Portable version (security advice) | Signatures | |
 OSX (10.13 and higher) | Executable for OS X | Signatures |
 Android (5.0 and higher)(available on Google Play) | 64 bit | Signatures |
| 32 bit | Signatures |
Installation from Python sources
| Linux | Install dependencies: | sudo apt-get install python3-pyqt5 libsecp256k1-0 python3-cryptography |
| Download package: | wget https://download.electrum.org/4.2.2/Electrum-4.2.2.tar.gz | |
| Verify signatures: | wget https://download.electrum.org/4.2.2/Electrum-4.2.2.tar.gz.ascgpg --verify Electrum-4.2.2.tar.gz.asc | |
| Run without installing: | tar -xvf Electrum-4.2.2.tar.gzpython3 Electrum-4.2.2/run_electrum | |
| Install with PIP: | sudo apt-get install python3-setuptools python3-pippython3 -m pip install --user Electrum-4.2.2.tar.gz |
How to verify GPG signatures
GPG signatures are a proof that distributed files have been signed by the owner of the signing key. For example, if this website was compromised and the original Electrum files had been replaced, signature verification would fail, because the attacker would not be able to create valid signatures. (Note that an attacker would be able to create valid hashes, this is why we do not publish hashes of our binaries here, it does not bring any security).
In order to be able to verify GPG signatures, you need to import the public key of the signer. Electrum binaries are signed with ThomasV’s public key. On Linux, you can import that key using the following command: gpg --import ThomasV.asc. Here are tutorials for Windows and MacOS. When you import a key, you should check its fingerprint using independent sources, such as here, or use the Web of Trust.
Notes for Windows users
Electrum binaries are often flagged by various anti-virus software. There is nothing we can do about it, so please stop reporting that to us. Anti-virus software uses heuristics in order to determine if a program is malware, and that often results in false positives. If you trust the developers of the project, you can verify the GPG signature of Electrum binaries, and safely ignore any anti-virus warnings. If you do not trust the developers of the project, you should build the binaries yourself, or run the software from source. Finally, if you are really concerned about malware, you should not use an operating system that relies on anti-virus software.
Old versions of Windows might need to install the KB2999226 Windows update.
source : https://electrum.org/#download