You are paranoid.
Your friends were using PHONE wallets! Them losing their money had nothing to do with Phoenixminer…
Using a phone wallet is risky and are a stupid idea.
Using a phone as a crypto wallet is as secure as putting all your fiat money in a shed in your back yard and hiding the key to the shed under the welcome mat of the shed.
It’s just plain reckless.
You talk about not trusting “closed source” software? Yet I can guarantee you use it constantly. Are you using a smartphone? Are you using Nvidia or AMD driver blobs in Linux? Do you have any smart home devices? Is your TV “smart”? Do you own a newer car?
Open source doesn’t necessarily make something more trustworthy, as well.
Malware, spyware, etc can hide in anything. Even open source… even if you compile your own Linux, unless you know how to read through the entire source code and confirm its safe, you could potentially be at risk.
As with all things in life, there is a certain amount of implicit trust we place in things around us. Risk is everywhere.
Why would the current builds of Phoenixminer suddenly be dangerous because the author has been unavailable for a month? Obviously, don’t download the binary unless the CRC hash matches the hash of the original. Don’t use fake versions (of Phoenixminer or any other software)… and don’t use PHONE WALLETS!