VERY IMPORTANT

A sophisticated malware campaign called JSCEAL is targeting cryptocurrency users through fake apps impersonating popular trading platforms. The attackers use malicious ads to lure victims into downloading installers that deploy a multi-stage infection chain. This includes PowerShell scripts for profiling and a final payload of compiled JavaScript (JSC) files executed via Node.js. The JSCEAL malware steals crypto-related data and credentials while employing advanced evasion techniques. The campaign has potentially reached millions of users across multiple countries, primarily targeting the cryptocurrency and financial sectors.