Malwarebytes has discovered new crypto-stealing malware hidden inside a cracked version of TradingView Premium, software widely used for financial market charting.
Spread of Malware on Reddit
Scammers are lurking on crypto subreddits, posting links to Windows and Mac installers for 'TradingView Premium Cracked', which contains malware targeting personal data and crypto wallets, according to senior security researcher at Malwarebytes, Jerome Segura, in his blog post.
Features of Lumma Stealer and Atomic Stealer Malware
The fraudsters claim the programs are free, offering cracked versions with premium features. However, they actually contain two malware programs: Lumma Stealer and Atomic Stealer. Lumma Stealer primarily targets cryptocurrency wallets and 2FA extensions, while Atomic Stealer captures data such as administrator and keychain passwords.
Expert Warnings and Precautions
Segura notes that cracked software often comes with risks. Experts highlight red flags, such as instructions to disable security software and password-protected files. Insights into these schemes can also be found in a Chainalysis report, which states that crypto crime is becoming more professionalized.
Malwarebytes reminds users that free software may pose significant threats and emphasizes the importance of caution when downloading apps from third parties.
