Cybersecurity researchers at Check Point have alerted that over 10 million individuals may be targeted by a malware campaign named 'JSCEAL', which promotes fake cryptocurrency apps to steal crypto credentials. Active since March 2024, this campaign takes the form of deceptive advertisements impersonating popular trading platforms like Binance and MetaMask. In the first half of 2025, Check Point identified 35,000 malicious ads, with a significant number viewed in the EU, and the global exposure could surpass 10 million. The malware employs unique anti-evasion techniques, resulting in low detection rates, and collects sensitive user information such as passwords, Telegram account details, and browser cookies. It runs silently in the background while redirecting victims to seemingly legitimate sites. Victims are advised to use robust anti-malware software to enhance protection against such threats.

Source 🔗