A Reddit user has claimed that YouTube is accidentally running an advertisement for Bitcoin wallet Electrum that turns out to contain harmful malware.

According to the user named “mrsxeplatypus” who first posted the warning on Reddit on March 26, the ad employs a widely known phishing tactic dubbed typosquatting or URL hijacking, which takes a user to a slightly altered alternative web address that exploits their computers when they click on a given link.

“The malicious advertisement is disguised to look like a real Electrum advertisement […] It even tells you to go to the correct link (electrum.org) in the video but when you click on the advertisement it immediately starts downloading the malicious EXE file. As you can see in the image, the URL it sent me to is elecktrum.org, not electrum.org,” explained mrsxeplatypus.

Google, which owns YouTube, said, “Our teams have taken appropriate action against the ad.”

This is not the first time Electrum has been hit by scammers. Just in February this year, a number of Electrum Wallet and MyEtherWallet customers reported scamming attacks after someone had supposedly used false security update notes to acquire private data from users.