JSCEAL Targets Crypto App Users - A New Threat in the Cyber Security Landscape
Check Point, Tuesday, July 29th, 2025
At Check Point, we continuously monitor emerging cyber security threats to help protect our users from evolving risks. In this blog, we delve into the JSCEAL campaign, which has been actively targeting crypto app users since March 2024.
Check Point Research has discovered the JSCEAL campaign, which targets crypto app users by leveraging malicious advertisements
The campaign uses fake applications impersonating popular cryptocurrency trading apps, with over 35,000 malicious ads served in the first half of 2025, generating millions of impressions in the EU alone
JSCEAL malware, which is delivered through sophisticated multi-layered infection flows, steals cryptocurrency-related data like credentials and wallets, making it a serious threat to crypto app users
The campaign utilizes a modular structure, enabling attackers to adapt new tactics and payloads as needed, making it difficult for traditional security mechanisms to detect and prevent