A sophisticated malware campaign known as JSCEAL has compromised over 10 million cryptocurrency users globally through malicious advertisements impersonating legitimate trading platforms like MetaMask and Binance. The operation leverages fake crypto app downloads to harvest sensitive credentials including passwords, wallet keys, and Telegram account details.
JSCEAL’s novel JavaScript-based evasion techniques allow it to bypass conventional security measures, complicating detection efforts. Malicious ads promoting counterfeit applications have reached at least 3.5 million users in the European Union, contributing to the campaign’s extensive global reach.
Security experts warn that blockchain’s irreversible transaction nature makes crypto users highly vulnerable to such financially motivated attacks. Affected individuals are urged to immediately replace compromised passwords, avoid clicking suspicious advertisements, and implement robust anti-malware defenses. The campaign underscores escalating threats facing digital asset holders as attackers develop increasingly advanced data-stealing tools.