Crypto Users Warned: 10M+ Targeted by Malware in Fake Trading App Ads

Krutika Adani

10M+ Users Exposed

Cybersecurity firm Check Point has flagged a malware campaign, “JSCEAL,” targeting crypto users via ads impersonating trusted apps like Binance and MetaMask. Over 10 million people could be affected.

How the Malware Campaign Works

Malicious ads redirect users to fake but convincing websites. These sites download malware that mimics nearly 50 real crypto apps while secretly stealing user data.

Stealthy, Hard-to-Detect Malware

Utilising advanced anti-evasion tactics and JavaScript-based code, the malware operates silently, bypassing detection without requiring user input. It simultaneously opens legit app pages to trick victims.

What Data Is Being Stolen?

The malware scoops up sensitive info like passwords, Telegram credentials, browser cookies, and crypto extension data — compromising user wallets and identities.

How to Stay Safe

Install anti-malware tools that scan for malicious JavaScript. Always download crypto apps from official stores and avoid clicking on ads, especially those mimicking trading platforms

Know more