Microsoft Issues Crypto Warning—Is Your Wallet Safe?
The post Microsoft Issues Crypto Warning—Is Your Wallet Safe? appeared on BitcoinEthereumNews.com.
A team of experts at Microsoft has disclosed that threat actors are actively luring crypto users into downloading malicious installers, which gather information from their computers and export it to the attackers' command-and-control server. To mitigate these attacks, Microsoft recommends that organizations educate their users and turn on endpoint protection.
Microsoft Threat Intelligence, Microsoft’s global network of security experts, has unravelled an ongoing malicious campaign targeting crypto users. In multiple posts on X, Microsoft highlighted that several individuals might already have become victims, with many likely to fall for this carefully orchestrated fraudulent scheme, something the US Securities and Exchange Commission (SEC) seeks to fight, as highlighted in our previous article.
The Details of the Story
Reviewing the posts, CNF discovered that “malvertising” is one of the campaigns that has become rampant in the ecosystem. Also known as malicious advertising, malvertising is a cyberattack technique in which malicious code is embedded in a digital ad after a third-party server is breached. According to experts, these ads can take the form of banners, imagery, or even video. While they usually do not look suspicious, a single click by a website visitor can install malware or adware on their computer. In most cases, these ads may redirect users to a malicious website for further attack using social engineering or spoofing.
Shedding more light on this, Microsoft explained that these attacks can be summarized in four stages: defence evasion, data collection, payload delivery, and execution. With defence evasion, users who are directed to these malicious sites unknowingly download malicious installers that are designed to appear as legitimate software. According to the report, this software could be a copy of trading platforms like Binance or TradingView.
However, they contain what they termed as the malicious Dynamic Link…
Filed under: News - @ April 17, 2025 1:27 am