Hackers are exploiting $TRUMP tokens to lure victims into a new phishing scam.

Cofense has issued a warning about an active phishing campaign in which cybercriminals are impersonating Binance, promising their victims the opportunity to obtain $TRUMP coins. This scam aims to lure users into downloading the ConnectWise RAT software.

With the recent launch of the $TRUMP "memecoin" by former U.S. President Donald Trump, interest in this cryptocurrency has surged considerably. Just a few days after its launch, the token's price skyrocketed by more than 300%, pushing its valuation to nearly $13 billion, making it the 19th most valuable cryptocurrency in the world.

Criminals have taken advantage of this surge to create a fake Binance website that, while not perfect, effectively simulates the popular cryptocurrency exchange platform. Through phishing emails, they inform victims that they can redeem the $TRUMP coins they just created, but only if they act quickly and download "Binance Desktop."

However, what victims would actually install is not the legitimate desktop client of the platform, but the ConnectWise RAT, a remote desktop manager that has been misused as malware by cybercriminals. Once the fake software is installed, attackers can access the device and take control of it.

Cofense has indicated that this approach is somewhat unusual, as in many cases of ConnectWise RAT, the threat actor usually interacts with the victim after a period of time. In this case, the RAT is used to extract stored passwords from Microsoft Edge and other compatible programs and applications with the Trojan.

Phishing campaigns often capitalize on current events to create a sense of urgency. Situations like the rapid sale of tickets for events such as the Olympics, the World Cup, Black Friday deals, or cryptocurrencies experiencing skyrocketing price increases can invoke fear of missing out, making them ideal scenarios for such scams.