Cybersecurity Firm: Malware Operation "JSCEAL" Impersonates Over 50 Leading Crypto Apps, Puts More Than 10 Million Users Worldwide at Risk

According to a report by Cointelegraph, as cited by Jinse Finance, Check Point research has revealed that a malware campaign codenamed "JSCEAL" is impersonating nearly 50 popular cryptocurrency trading applications worldwide, including certain exchanges, MetaMask, and others. Active since March 2024, the campaign lures users into downloading fake applications embedded with malware through malicious advertisements. Research indicates that in the first half of 2025 alone, 35,000 malicious ads have been deployed, affecting millions of users in the EU region alone. This malware employs unique anti-detection techniques and is capable of harvesting sensitive data such as users' keystrokes, Telegram account information, and autofill passwords, as well as manipulating browser extensions related to cryptocurrencies. Experts recommend using anti-malware solutions capable of detecting malicious JavaScript execution as an effective defense against such attacks.