Over 10 million users may be vulnerable to new JSCEAL malware stealing credentials
The post Over 10 million users may be vulnerable to new JSCEAL malware stealing credentials appeared on BitcoinEthereumNews.com. A new JSCEAL malware campaign mimics 50 popular crypto platforms according to Check Point Research. The operation uses malicious advertisements to distribute fake applications targeting users. An estimated 10 million people globally have been exposed to attacks. The campaign leverages compiled JavaScript files to steal cryptocurrency wallets and credentials effectively. Malicious advertisement campaign reaches 10 million users The JSCEAL campaign exposed around 35,000 malicious ads in the first half of 2025. They themselves garnered millions of views in the European Union. Check Point Research is of the view that around 10 million people viewed these ads worldwide. Malicious material was shared by ill-intentioned actors on hijacked accounts or fresh profiles. Promoted posts assisted in the distribution of fake advertisements on social media. The advertisements mostly discussed cryptocurrencies, tokens, and banks. The campaign run using almost 50 various financial institutions with spoofed applications. The bad actors registered domain names under some naming conventions for redirection. The top-level domains contained a .com extension in accordance with corresponding terminology. Patterns in the domain included app, download, desktop, PC, and window versions. Each word was used singly or in a plural sense in the domains. Combinatorics show that there are 560 unique domain names that are in compliance with the rules. Malicious ads on Facebook, Source: Check Point Only 15% of potential domains appeared registered at publication time. Redirection chains filtered targets based on IP address and referrer sources. Victims outside the desired ranges received decoy websites instead of malicious content. Facebook referrers were required for successful redirection to fake pages. The filtering system helped attackers avoid detection while they reached their target victims. Meta’s Ad Library provided estimates for advertisement reach within the EU. Conservative calculations assume each advertisement reached 100 users minimum. The campaign’s total reach exceeded 3.5 million within the European…
The post Over 10 million users may be vulnerable to new JSCEAL malware stealing credentials appeared on BitcoinEthereumNews.com.
A new JSCEAL malware campaign mimics 50 popular crypto platforms according to Check Point Research. The operation uses malicious advertisements to distribute fake applications targeting users. An estimated 10 million people globally have been exposed to attacks. The campaign leverages compiled JavaScript files to steal cryptocurrency wallets and credentials effectively. Malicious advertisement campaign reaches 10 million users The JSCEAL campaign exposed around 35,000 malicious ads in the first half of 2025. They themselves garnered millions of views in the European Union. Check Point Research is of the view that around 10 million people viewed these ads worldwide. Malicious material was shared by ill-intentioned actors on hijacked accounts or fresh profiles. Promoted posts assisted in the distribution of fake advertisements on social media. The advertisements mostly discussed cryptocurrencies, tokens, and banks. The campaign run using almost 50 various financial institutions with spoofed applications. The bad actors registered domain names under some naming conventions for redirection. The top-level domains contained a .com extension in accordance with corresponding terminology. Patterns in the domain included app, download, desktop, PC, and window versions. Each word was used singly or in a plural sense in the domains. Combinatorics show that there are 560 unique domain names that are in compliance with the rules. Malicious ads on Facebook, Source: Check Point Only 15% of potential domains appeared registered at publication time. Redirection chains filtered targets based on IP address and referrer sources. Victims outside the desired ranges received decoy websites instead of malicious content. Facebook referrers were required for successful redirection to fake pages. The filtering system helped attackers avoid detection while they reached their target victims. Meta’s Ad Library provided estimates for advertisement reach within the EU. Conservative calculations assume each advertisement reached 100 users minimum. The campaign’s total reach exceeded 3.5 million within the European…
What's Your Reaction?
