By
Beware of ‘Cracked’ TradingView — It’s a Crypto-Stealing Trojan
https://ift.tt/Mv8uces
Cybersecurity firm Malwarebytes has warned about a new crypto-stealing malware.
It is disguised as a cracked version of TradingView Premium, a popular charting tool for financial markets. Discover more about this crypto scam.
Scammers Spread Crypto-Stealing Malware via Fake TradingView Giveaways
Scammers are lurking on crypto subreddits, posting links to infected Windows and Mac installers under the guise of a premium TradingView giveaway. However, instead of unlocking fancy features, the download installs malware designed to steal personal data and drain crypto wallets. Jerome Segura, a senior security researcher at Malwarebytes, detailed the scheme in a March 18 blog post.
ALERT: Information-stealing malware AMOS and Lumma, disguised as cracked versions of TradingView, have been spread through Reddit posts targeting crypto users to steal personal data and crypto wallets, per Malwarebytes. pic.twitter.com/HtqMHM4RM0
— Cointelegraph (@Cointelegraph) March 20, 2025
“We have heard of victims whose crypto wallets had been emptied and were subsequently impersonated by the criminals who sent phishing links to their contacts,” Segura said. These fraudulent downloads contain two dangerous malware programs: Lumma Stealer and Atomic Stealer. Lumma Stealer, active since 2022, primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions. Atomic Stealer, discovered in April 2023, is capable of capturing sensitive data, including administrator passwords and keychain credentials.
Scammers Pose as Helpful Users to Spread Crypto Malware
The scammers behind the scheme don’t just drop a link and disappear. Instead, they stick around in Reddit threads, engaging with users, offering “helpful” advice, and assisting with download issues—making the con feel more legitimate. “What’s interesting with this particular scheme is how involved the original poster is, going through the thread and being ‘helpful’ to users asking questions or reporting an issue,” Segura noted.
Beware of #Trojans disguised as cracked versions of TradingView!
AMOS and Lumma info stealers have recently been distributed via #Reddit posts targeting Mac and Windows users in the crypto space, draining their wallets and stealing personal data. One… https://t.co/c5eYDzbzmG
— SlowMist (@SlowMist_Team) March 20, 2025
The malware’s exact origins remain unclear, but Malwarebytes found that the website hosting the files was registered under a Dubai-based cleaning company, while the malware’s command-and-control server had been set up in Russia about a week before its discovery.
Disclaimer
The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment, and informational purposes only. Any information or strategies are thoughts and opinions relevant to the accepted levels of risk tolerance of the writer/reviewers, and their risk tolerance may be different from yours. We are not responsible for any losses that you may incur as a result of any investments directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments so please do your due diligence. Copyright Altcoin Buzz Pte Ltd.
The post Beware of ‘Cracked’ TradingView — It’s a Crypto-Stealing Trojan appeared first on Altcoin Buzz.
news
via Altcoin Buzz https://ift.tt/EcdCZwD
March 20, 2025 at 06:35AM
March 20, 2025 at 06:35AM
via Altcoin Buzz https://ift.tt/Mv8uces