{"id":18306,"date":"2025-03-20T16:32:15","date_gmt":"2025-03-20T16:32:15","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=18306"},"modified":"2025-03-20T16:32:15","modified_gmt":"2025-03-20T16:32:15","slug":"crypto-traders-beware-this-fake-tradingview-is-stealing-funds","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=18306","title":{"rendered":"Crypto Traders Beware: This Fake TradingView Is Stealing Funds"},"content":{"rendered":"
\n

A new threat is emerging from hackers who are disseminating hazardous software to Reddit<\/a> users who are seeking free trading tools. Malwarebytes, a cybersecurity firm, has reported that scammers have installed malware in phony \u201ccracked\u201d versions of TradingView Premium. This malware has the potential to pilfer personal information and empty crypto wallets. Malwarebytes Senior security researcher Jerome Segura issued the warning in a blog post on March 18.<\/p>\n

Victims Lose Crypto, Their Identity Gets Stolen<\/h2>\n

Segura reported that victims had their crypto wallets depleted<\/a> and later impersonated by criminals who sent phishing links to their contacts. The attack employs a dual threat, in which two distinct malware programs, Lumma Stealer and Atomic Stealer, collaborate to infiltrate the computers of victims.<\/p>\n

Atomic, which began operating in April 2023, targets administrator and keychain credentials, while Lumma has been operational since 2022 and concentrates on cryptocurrency wallets and two-factor authentication browser extensions.<\/p>\n

\n

AMOS and Lumma info stealers have recently been distributed via Reddit posts targeting Mac and Windows users in the crypto space, draining their wallets and stealing personal data. One of the common lures is a cracked version of the popular trading platform TradingView.<\/p>\n

A \"\ud83e\uddf5\" pic.twitter.com\/nRweAYv74x<\/a><\/p>\n

\u2014 Malwarebytes (@Malwarebytes) March 19, 2025<\/a><\/p>\n<\/blockquote>\n

Scammers Act Helpful While Spreading Malware<\/h2>\n

The manner in which the perpetrators interact with potential victims is what distinguishes this scam. The fraudsters are present on cryptocurrency subreddits<\/a>, where they post links to what they claim are free \u201ccracked\u201d versions of premium financial graphing software for both Windows and Mac.<\/p>\n

<\/p>\n

Segura observed in the blog post that the original poster\u2019s involvement in the thread is intriguing, as they are \u201chelpful\u201d to users who are asking inquiries or reporting an issue. This additional effort to appear legitimate is instrumental in persuading a greater number of individuals to obtain the hazardous files.<\/p>\n

Warning Signs Point To Malicious Software<\/p>\n

The infected files exhibit distinct warning signs that users should be aware of, according to Malwarebytes\u2019 analysis. Legitimate software does not employ the distribution method of double-zipped files with password protection, which is the case with the malware.<\/a><\/p>\n

\"\"<\/p>\n

Another significant red flag is that the scammers frequently request that users disable their security software in order to execute the program. The poster\u2019s helpful comments obscure the disclaimer that users download at their own risk, despite the fact that the post acknowledges this.<\/p>\n

Crypto Crime Becomes More Professional<\/p>\n

Meanwhile, the attack\u2019s trail leads to unexpected locations. Malwarebytes discovered that the malware was hosted on a website owned by a cleaning company in Dubai, while the command and control server was registered in Russia approximately one week ago.<\/p>\n

Chainalysis\u2019s 2025 Crypto Crime Report describes a broader pattern in which crypto crime has \u201centered a professionalized era dominated by AI-driven schemes, stablecoin laundering, and efficient cyber syndicates.\u201d This scam is part of this pattern. The report disclosed that illicit cryptocurrency transactions reached over $50 billion in the previous year.<\/p>\n

Featured image from Gemini Imagen, chart from TradingView<\/em><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

A new threat is emerging from hackers who are disseminating hazardous software to Reddit users who are seeking free trading tools. Malwarebytes, a cybersecurity firm, has reported that scammers have installed malware in phony \u201ccracked\u201d versions of TradingView Premium. This malware has the potential to pilfer personal information and empty crypto wallets. Malwarebytes Senior security […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-18306","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/18306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=18306"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/18306\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=18306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=18306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=18306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}