ChainCatcher reports that hackers are stealing cryptocurrency users’ assets by running fake Windows 11 update ads on Facebook. These ads use professional Microsoft branding and direct users to cloned Microsoft websites, where malicious software is downloaded.
The malware installs a framework called “LunarApplication” on the victim’s computer, specifically designed to steal cryptocurrency wallet seed phrases, login credentials, and other sensitive information. Hackers use geofencing techniques to avoid data center IP addresses and prevent automated scanners from detecting the attack.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Tether 挹注 150M美元救援 Drift Protocol,反觀 Circle 因疏失遭集體訴訟
Drift Protocol faced a $280 million loss due to a hack, prompting Tether to launch a $150 million recovery plan, switching settlement assets to USDT. Meanwhile, Circle faces a lawsuit for failing to freeze stolen funds, highlighting regulatory ambiguities in the crypto industry.
ChainNewsAbmedia3m ago
Circle Faces Class Action Lawsuit Over $280M Drift Protocol Exploit Response
Circle Internet Group is facing a class action lawsuit for failing to quickly halt a $280 million exploit involving its Cross-Chain Transfer Protocol, as investors claim it could have intervened. The lawsuit highlights Circle's prior ability to freeze funds, raising questions about their responsiveness.
GateNews13m ago
Ethereum Foundation: Ketman project identifies 100 North Korean agents within six months
According to an ETH Rangers project recap report published by the Ethereum Foundation on April 17, 2026 (Thursday), within its six-month funding period the Ketman project funded by the Ethereum Foundation identified 100 North Korean IT workers using false identities to infiltrate Web3 organizations, and contacted roughly 53 crypto projects to warn them they may have hired active North Korean agents.
MarketWhisper35m ago
Kyrgyzstan Crypto Exchange Grinex Hit by $15M Hack, Exposing Russia Sanctions Evasion Network
A cyberattack on Grinex, a Kyrgyzstan cryptocurrency exchange, exposed a network allegedly helping Russia evade sanctions. Hackers stole $15 million, targeting Grinex and the linked TokenSpot. Grinex, viewed as a continuation of the sanctioned Garantex, faces scrutiny for facilitating transactions linked to sanctioned entities.
GateNews1h ago
Polymarket Audits Builders Program Startups Over Insider Trading Concerns - Unchained
Polymarket has initiated an audit of its Builders Program after finding third-party tools that may facilitate insider trading by mimicking successful trades. The review follows scrutiny over potential market abuse linked to these apps.
UnchainedCrypto2h ago
CoW Swap Pauses Protocol After DNS Hijacking Redirects Frontend to Malicious Site - Unchained
CoW Swap suspended its protocol on April 14, 2026, after a DNS hijacking redirected users to a phishing site. The platform's security firm alerted users to revoke wallet approvals. The underlying smart contracts were safe, but backend and APIs were paused as a precaution.
UnchainedCrypto2h ago
