A dangerous new crypto scam targeting traders has emerged, with hackers deploying sophisticated malware through fake TradingView Premium software that’s already claimed multiple victims. This critical security threat, identified by Malwarebytes researchers, represents a significant escalation in crypto-targeting malware attacks.
This development comes amid a broader surge in Russian cybercrime targeting crypto users, highlighting the growing sophistication of digital asset theft operations.
Key Threat Details: Dual Malware Attack
- Two malware variants: Lumma Stealer and Atomic Stealer working in tandem
- Targets both Windows and Mac users
- Specifically designed to drain crypto wallets and steal personal data
- Command and control server traced to Russia
SPONSORED
Trade securely with institutional-grade security and up to 100x leverage
How the Scam Works
The attackers have developed a sophisticated social engineering approach:
- Target Reddit cryptocurrency communities
- Offer ‘cracked’ versions of TradingView Premium
- Maintain active presence in threads to appear legitimate
- Distribute malware through password-protected zip files
- Request users disable security software
Warning Signs to Watch For
- Double-zipped files with password protection
- Requests to disable antivirus software
- Promises of free premium trading tools
- ‘Helpful’ posters offering technical support
Impact and Losses
The attack has resulted in:
- Multiple crypto wallets completely drained
- Identity theft and credential compromise
- Secondary phishing attacks using stolen identities
- Compromise of 2FA authentication systems
Expert Analysis
‘This represents a new level of sophistication in crypto-targeting malware. The combination of social engineering and dual-threat malware makes this particularly dangerous for traders,’ – Jerome Segura, Senior Security Researcher at Malwarebytes
Protection Measures
- Only download trading software from official sources
- Never disable antivirus software for any installation
- Be suspicious of ‘cracked’ or ‘free’ premium software
- Use hardware wallets for crypto storage
- Enable 2FA on all trading accounts
FAQ
How can I check if my system is infected?
Run a full system scan with updated antivirus software and check for unauthorized wallet transactions.
What should I do if I’ve downloaded the fake TradingView software?
Immediately disconnect from the internet, run malware scans, and transfer any crypto assets to a secure wallet from a clean device.
How can I report these scammers?
Report suspicious Reddit posts to moderators and file reports with relevant cybercrime authorities.
As crypto crime continues to evolve, staying informed about the latest threats and maintaining strong security practices is crucial for all traders and investors.