A sophisticated phishing campaign is targeting Cardano (ADA) users through fraudulent emails promoting a fake Eternl Desktop wallet. Attackers distribute a malicious Eternl.msi installer containing GoTo Resolve malware, which allows remote access and credential theft. The phishing emails mimic official Eternl announcements, exploiting staking and governance references to appear legitimate. Security experts warn users to download wallet software only from verified Eternl channels to avoid malware and unauthorized access. The malicious installer, identified by threat hunter Anurag, is distributed via the unverified domain download.eternldesktop.network. It includes a hidden LogMeIn GoTo Resolve tool that enables remote access without user interaction, posing a critical security risk. The campaign uses professional phishing techniques, with emails promoting features like hardware wallet compatibility and advanced delegation controls. Analysts emphasize the importance of avoiding newly registered domains and unofficial download links to prevent persistent unauthorized access and compromise of wallet security.