#CryptoScamAlert Researchers from Check Point (NASDAQ:CHKP), specializing in cybersecurity, found that the campaign has been active since March 2024. The fraudsters are spreading online advertisements, deceitfully convincing potential victims to install fake cryptocurrency trading applications.
Malware uses unique methods of protection against detection, making it extremely difficult to identify, security specialists lament. Users clicking on fraudulent ads are redirected to a fake website, the interface of which closely resembles that of a well-known platform. At the same time, both the hacker's site and its malware are launched, which in the background collects confidential information about the user, primarily related to cryptocurrencies.
The program collects Telegram account data, autofill passwords, including those for cryptocurrency wallets, and then transmits them to the hacker. The malware also gathers cookies that can reveal which websites the victim visits most frequently. To prevent such attacks, Check Point specialists recommended using antivirus software.
According to Check Point estimates, around 10 million people worldwide have already encountered online ads for fake crypto applications. In the first half of 2025, Meta (NASDAQ:META) recorded 35,000 fraudulent ads that garnered around 3.5 million views in the European Union alone.
Recently, Check Point experts reported on hackers deploying scripts that hack users' browsers for the hidden mining of the privacy-preserving cryptocurrency Monero. Hackers have started stealing cryptocurrencies even through Steam by embedding malware in games, as recently reported by the company Prodaft.