Security Company: Beware of JSCEAL Malicious Activities Targeting Crypto Assets Users

PANews July 31 news, cybersecurity company Check Point stated that researchers recently discovered a large-scale malicious activity named JSCEAL, where attackers exploit the Node.js platform by using compiled JavaScript files to target users of Crypto Assets applications. This operation has been active since March 2024, with attackers inducing users to download malicious programs masquerading as nearly 50 mainstream Crypto Assets trading applications through fake advertisements. In the first half of 2025, there were approximately 35,000 related malicious ads, which gained millions of exposures in the EU region alone. The attack process is layered and has strong anti-detection capabilities, capable of stealing user credentials, Wallets, and other sensitive information, and features remote control, keylogging, and browser traffic hijacking. The research indicates that the detection rate of this malicious program is extremely low, with some variants not being recognized by mainstream antivirus software for an extended period, reminding users to stay vigilant and avoid downloading Crypto Assets applications through unofficial channels.