Beware of Facebook crypto scams spreading malware through fake ads

A recent malicious advertising campaign on Facebook is leveraging the reputations of well-known cryptocurrency exchanges to trick users into downloading malware. Bitdefender Labs discovered that the attackers are using deceptive ads that imitate popular brands like Binance, TradingView, ByBit, and MetaMask. These ads often feature familiar faces such as Elon Musk, Cristiano Ronaldo, or Zendaya to appear legitimate. When users click on the ads, they are directed to fake websites that closely resemble the real ones, prompting visitors to download a “desktop client” that actually serves as a gateway for sophisticated malware.

The fake websites launch a silent server on the victim’s device, which then connects to a back-end channel to receive malicious instructions. This method makes it challenging for traditional security tools to detect the attack. The attackers also employ advanced filtering and tracking tools to evade detection and only show harmful content to users arriving through specific Facebook ad links. In some cases, the site may block access unless opened in Microsoft Edge, displaying blank pages in other browsers.

Researchers at Bitdefender found that numerous Facebook accounts are involved in promoting the campaign, with some accounts posting over 100 ads in a single day. Although many of these ads are removed quickly, they manage to accumulate thousands of views before being taken down. One Facebook page mimicked the official account of TradingView, complete with fake comments, posts, and imagery; the only difference was its redirect links, which led to the malicious clone. The victims targeted by these scams tend to be men interested in technology and finance, with some ads specifically targeting users in Bulgaria and Slovakia based on geography and demographics.

To protect yourself from such scams, experts recommend not trusting ads just because they look familiar. Scammers often replicate branding and use celebrity endorsements to appear legitimate. It is safer to visit the company’s official website directly by typing the URL yourself and verifying authenticity with official social media accounts or customer service. Additionally, users should avoid downloading software from ad links and install robust antivirus software to prevent malware attacks. Keeping browsers up to date, paying attention to subtle red flags on websites, enabling two-factor authentication, and using data removal services can also help protect against online scams.

Facebook’s failure to address malvertising not only jeopardizes user security but also undermines the credibility of its advertising platform. If users start associating Facebook ads with scams and malware, it could lead to a loss of trust and revenue for advertisers. To prevent further threats, Facebook must take action to protect its users and maintain the integrity of its platform.

Kurt “CyberGuy” Knutsson, an award-winning tech journalist, contributes to Fox News and FOX Business with his expertise in technology and gadgets. For tech inquiries or story ideas, visit Kurt’s website at Cyberguy.com.