Cardano Users Targeted In Fake Eternl Desktop Wallet Phishing Campaign

Kostiantyn Tsentsura4 minutes ago

Cardano Users Targeted In Fake Eternl Desktop Wallet Phishing Campaign

A phishing campaign targeting Cardano (ADA) users has been circulating since late December, distributing malware disguised as the Eternl wallet's desktop application.

Security researchers identified the attack after analyzing professionally crafted emails titled "Eternl Desktop Is Live - Secure Execution for Atrium & Diffusion Participants."

The fraudulent messages reference legitimate Cardano ecosystem terms including NIGHT and ATMA token rewards through the Diffusion Staking Basket program.

Attackers use the unverified domain download.eternldesktop.network to distribute the malicious installer.

What Happened

Independent threat hunter Anurag analyzed the 23.3-megabyte Eternl.msi file and discovered it contains LogMeIn GoTo Resolve remote management software.

The installer drops an executable called unattended-updater.exe that creates configuration files enabling remote access without user interaction.

The malware establishes connections to legitimate GoTo Resolve infrastructure, allowing attackers to execute commands and monitor victim systems.

Network analysis showed the software sends information to attackers in JSON format through remote servers.

The emails contain no spelling errors and use polished professional language, making them difficult to distinguish from legitimate communications.

No digital signature or checksum verification accompanies the installer, preventing users from validating authenticity before installation.

Read also: Crypto Phishing Losses Fall 83% To $84 Million In 2025 Despite Active Drainer Ecosystem

Why It Matters

The campaign represents a supply chain abuse attempt aimed at establishing persistent unauthorized access to Cardano users' systems.

Remote management tools allow attackers to drain cryptocurrency wallets and steal credentials once installed on victim machines.

The attack demonstrates how threat actors exploit legitimate administrative software to bypass antivirus detection.

Security researchers emphasized that users should only download wallet applications from official Eternl communication channels.

The newly registered domain and lack of official announcements from Eternl served as key warning signs that went unnoticed by some users.

Similar phishing campaigns have previously targeted cryptocurrency users through fake software updates and fraudulent wallet applications.

Read also: Bitcoin Dips Below $90K As Trump Claims Maduro Captured In Venezuela Strike

Disclaimer and Risk Warning: The information provided in this article is for educational and informational purposes only and is based on the author's opinion. It does not constitute financial, investment, legal, or tax advice. Cryptocurrency assets are highly volatile and subject to high risk, including the risk of losing all or a substantial amount of your investment. Trading or holding crypto assets may not be suitable for all investors. The views expressed in this article are solely those of the author(s) and do not represent the official policy or position of Yellow, its founders, or its executives. Always conduct your own thorough research (D.Y.O.R.) and consult a licensed financial professional before making any investment decision.

Latest News

Crypto Phishing Losses Fall 83% To $84 Million In 2025 Despite Active Drainer Ecosystem

Cryptocurrency phishing losses fell 83% in 2025 to $83.85 million from $494 million the previous year. The number of victims declined 68% to 106,106, according to Web3 security platform Scam Sniffer.

Bitcoin Dips Below $90K As Trump Claims Maduro Captured In Venezuela Strike

Bitcoin (BTC below $90,000 on January 3 after President Donald Trump announced US forces captured Venezuelan President Nicolás Maduro. The cryptocurrency briefly declined to approximately $89,600 fol

XRP Overtakes BNB To Claim Fourth-Largest Cryptocurrency Position

XRP surpassed BNB in market capitalization, claiming the fourth-largest cryptocurrency position. XRP's market capitalization reached approximately $123 billion, edging past BNB's $121 billion. The r

Related News

macOS Users at Risk: Malware Mimics Ledger Live to Access Crypto

Cybersecurity researchers have uncovered a sophisticated malware campaign targeting macOS users with cryptocurrency holdings. The malicious software,

Atomic and Exodus Wallets Hit by Malicious Package Exploit

Threat actors have launched a fresh wave of cyberattacks aimed at crypto holders, specifically targeting users of Atomic and Exodus wallets through ma

ZachXBT Reports Hundreds Of Wallets Drained For Under $2,000 Each Across Multiple Chains

An active exploit is draining hundreds of crypto wallets across multiple blockchain networks, with losses reaching approximately $107,000 and climbing

Top 10 Crypto Malware Threats of 2025: How to Keep Your Mobile Wallet Safe

Cryptocurrency users increasingly rely on smartphones for managing their digital assets – from mobile wallets to trading apps. Unfortunately, cybercri

Microsoft Discovers Advanced Malware Targeting Coinbase, MetaMask, Trust Wallets

Microsoft's incident response team has identified a new remote access trojan (RAT) designed to compromise cryptocurrency holdings by targeting digital

Related Research Articles

Crypto Fraud in 2025 Hits Record Highs: From YouTube Deepfakes to Pig Butchering Scams

In 2025, cryptocurrency scams have escalated to unprecedented levels of sophistication and scale. As digital asset markets surged to new highs, frauds

Which EVM Wallet Should You Use in 2025? Top 13 Secure, Multi-Chain, and Beginner-Friendly Options

By 2025, the Ethereum Virtual Machine (EVM) ecosystem has grown exponentially, and crypto wallets have become a linchpin of Web3 usage. The number of

Top 10 AI-Powered Crypto Scams of 2025 and How to Protect Your Funds

Regular crypto investors are facing an alarming new threat: scammers armed with advanced artificial intelligence. Crypto fraud enabled by AI has explo

ADA Price Analysis: Why Cardano's Technical Superiority Couldn't Beat Ethereum and Solana

Cardano presents one of cryptocurrency's most compelling paradoxes: a blockchain platform built on peer-reviewed academic research and formal verifica

Crypto’s Uncomfortable Truth: 16 Major Blockchains Can Freeze User Assets — Is Decentralization at Risk?

A new report from Bybit’s Lazarus Security Lab suggests many major blockchains aren’t as trustless as they seem. In an industry built on decentralizat

Related Learn Articles

Protect Your Ledger Wallet: How to Spot and Avoid the Latest Scam

In recent news, Ledger hardware wallet users have been thrust into the spotlight once more - this time by fraudsters employing an ingenious, yet alarm

Social Engineering Attacks in Crypto: 10 Proven Tips to Keep Your Digital Assets Safe

Social engineering has emerged as the predominant threat vector in the cryptocurrency ecosystem, exploiting human psychology rather than technical vul

Protect Your Crypto Exchange Account: Advanced Security Strategies Explained

Social engineering has become the leading threat in the cryptocurrency ecosystem, targeting human behavior instead of technical flaws to breach securi

5 Top Ways to Secure Your Crypto Wallet Against Hackers

Most of the newbies in crypto urge to buy some tokens and don’t care much about where to keep them. That might be a crucial mistake. Neglecting securi

AI-Enhanced Crypto Fraud: What It Is and How to Avoid It

Cryptocurrency has always been a fertile ground for fraudsters. In recent years, technological advancements - especially in artificial intelligence -