Skip to main content Tech Radar Pro Tech Radar Gaming Tech Radar Pro TechRadar the business technology experts Search TechRadar View Profile België (Nederlands) Deutschland North America US (English) Australasia New Zealand Expert Insights Website builders Web hosting Best web hosting Best website builder Best office chairs Expert Insights Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam Sead Fadilpašić 12 March 2025 Hackers are impersonating Binance to steal people's passwords When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Getty Images) Cofense is warning about an ongoing phishing campaign Threat actors are impersonating Binance and promising their victims $TRUMP coins The victims are enticed to download ConnectWise RAT Cybercriminals are taking advantage of the "TRUMP coin craze to steal people’s information and possibly other cryptocurrencies, Cofense has warned. Earlier this year, US President Donald Trump launched a “memecoin” (a cryptocurrency coin made for fun) called $TRUMP. Following its launch, the price of the token soared by over 300% overnight. Within two days, it became the 19th most valuable cryptocurrency globally, with a total trading value nearing $13 billion based on a $64 value per token for the 200 million tokens issued by the afternoon of January 19. You may like Phishing campaign targets prominent X users, accounts at risk Beware, that Social Security email could be hiding dangerous malware ConnectWise RAT These kinds of events are golden opportunities for cybercriminals. As reported by Cofense, the threat actors made a fake Binance website which - while not perfect - does a good job at pretending to be the popular cryptocurrency exchange. The attackers then sent out phishing emails, telling their victims that they could redeem recently created $TRUMP coins, but only if they move fast and download “Binance Desktop”. Instead of actually getting the exchange’s desktop client, the victims would install the ConnectWise RAT - a once-legitimate Remote Desktop Manager (RDM) exploited by cybercriminals to act as malware. As soon as the fake software is installed, the attackers would move in and try to take over the device. This is somewhat unusual, Cofense said, since in most ConnectWise RAT cases the threat actor would interact with the victim after some time had passed. In any case, the RAT is then used to exfiltrate passwords saved in Microsoft Edge and other programs and applications supported by the Trojan. Phishing campaigns often leverage current events, since they help create a sense of urgency. Fast-selling tickets to events such as the Olympics, or the World Cup, Black Friday deals, or cryptocurrency tokens quickly rising in prices, can trigger FOMO with the consumers, making them ideal foundations for a scam campaign. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You might also like Beware, that Social Security email could be hiding dangerous malware We've rounded up the best password managers Take a look at our guide to the best authenticator app Sead Fadilpašić Social Links Navigation Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications. You must confirm your public display name before commenting Please logout and then login again, you will then be prompted to enter your display name. Phishing campaign targets prominent X users, accounts at risk Beware, that Social Security email could be hiding dangerous malware CrowdStrike warns of fake job offer scam that is actually just malware Watch out - that LinkedIn email could be a fake, laden with malware Fake Ledger data breach emails used to trick victims into giving up recovery phrases Fake DocuSign and HubSpot phishing emails target 20,000 Microsoft Azure accounts Latest in Security This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked UK cybersecurity sector could be worth £13bn, research shows Apple fixes dangerous zero-day used in attacks against iPhones and iPads Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam Sean Plankey selected as CISA director by President Trump Nation-state threats are targeting UK AI research Latest in News 'There's a reason why we do it': The Wheel of Time showrunner responds to fans who are still upset over the Prime Video show's plot alterations Android 16 could bring an improved Samsung DeX-style desktop mode to more phones Nvidia could unleash RTX 5060 and 5060 Ti GPUs on PC gamers tomorrow, but there’s no sign of rumored RTX 5050 yet ChatGPT just wrote the most beautiful short story, and I wonder what I'm even doing here This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked Samsung's Android XR headset could avoid the Apple Vision Pro's biggest mistake, according to this leak More about security This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked UK cybersecurity sector could be worth £13bn, research shows NYT Strands hints and answers for Thursday, March 13 (game #375) See more latest Most Popular NYT Strands hints and answers for Thursday, March 13 (game #375) NYT Connections hints and answers for Thursday, March 13 (game #641) This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked Quordle hints and answers for Thursday, March 13 (game #1144) 'There's a reason why we do it': The Wheel of Time showrunner responds to fans who are still upset over the Prime Video show's plot alterations Nvidia could unleash RTX 5060 and 5060 Ti GPUs on PC gamers tomorrow, but there’s no sign of rumored RTX 5050 yet ChatGPT just wrote the most beautiful short story, and I wonder what I'm even doing here Android 16 could bring an improved Samsung DeX-style desktop mode to more phones UK cybersecurity sector could be worth £13bn, research shows Apple fixes dangerous zero-day used in attacks against iPhones and iPads LATEST ARTICLES NYT Connections hints and answers for Thursday, March 13 (game #641) Quordle hints and answers for Thursday, March 13 (game #1144) NYT Strands hints and answers for Thursday, March 13 (game #375) Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site. Contact Future's experts Terms and conditions Privacy policy Cookies policy Advertise with us Web notifications Accessibility Statement Future US, Inc. Full 7th Floor, 130 West 42nd Street, Please login or signup to comment Please wait...