I go with the library theory. It is not the first time I see something like this happen, especially with crypto-related sites. It is vital to have the proper security software installed for detecting this kind of things.