ALERT: Crypto Wallets Emptied as Fake TradingView Premium Apps Spread Malware Through Reddit

  • Malware-infected “cracked” versions of TradingView Premium are being distributed on Reddit cryptocurrency forums.
  • The malware variants (Lumma Stealer for Windows and AMOS for Mac) steal crypto wallet credentials, passwords, and 2FA information.
  • Scammers actively engage with potential victims, even providing instructions to bypass Mac security measures.

Cryptocurrency users are being targeted by sophisticated malware disguised as free “cracked” versions of TradingView Premium, resulting in complete wallet drains and identity theft. The malicious software, being distributed primarily through Reddit cryptocurrency communities, contains data-stealing payloads that capture sensitive wallet information and authentication credentials.

- Advertisement -

Security researchers at Malwarebytes have identified two distinct malware variants deployed in this campaign: Lumma Stealer targeting Windows users and Atomic Stealer (AMOS) focusing on Mac systems. Both variants are specifically designed to exfiltrate cryptocurrency credentials and bypass security measures.

“What’s interesting with this particular scheme is how involved the original poster is,” noted Jérôme Segura, a senior security researcher at Malwarebytes, in a blog post analyzing the attack.

The operation demonstrates unusual persistence, with attackers actively engaging potential victims through Reddit comments. These bad actors pose as helpful community members, providing step-by-step instructions to circumvent critical security protections. In one documented case, a scammer advised a user: “That ‘Apple could not verify’ warning is just Apple being extra cautious… Don’t worry, though – a real virus on a Mac would be wild, and I’ve never seen one sneak through like that!”

Technical analysis of the AMOS malware shows it transmits stolen data to servers based in the Seychelles. The information captured includes passwords, two-factor authentication codes, and cryptocurrency wallet credentials. The Lumma Stealer variant, which has been active since 2022, specifically targets cryptocurrency wallets and browser extensions used for two-factor authentication.

The attack doesn’t en

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest

Michael Saylor Invites Joe Rogan to Discuss Bitcoin on Podcast

Michael Saylor has shown interest in discussing Bitcoin on The Joe Rogan Experience podcast.The idea has generated excitement in the Bitcoin community, with some...

Congress Debates Stablecoin Bill Amid Rising Bank and Crypto Tensions

U.S. lawmakers are moving forward with the Senate Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act, with debates set to resume after...

American Engineer Drugged, Robbed in Sophisticated London Crypto Heist

An American software engineer lost approximately $123,000 in cryptocurrency after being drugged and robbed in London.The victim was targeted by an impersonator posing as...

Max Keiser Doubts New Bitcoin Treasuries’ Discipline in Bear Market

Bitcoin-focused companies are increasingly copying the treasury strategy used by Michael Saylor's Strategy.Max Keiser raised doubts about whether these newer companies can maintain commitment...

South Korea Election Puts Crypto Policy at Center of Debate

Nearly one-third of South Koreans hold digital assets, making crypto a vital issue in the upcoming presidential election.Both major parties support crypto exchange-traded funds...

Must Read

Top 10 Best Cryptocurrency Lending Platforms

This article needs an update. Many of the platforms listed here have closed their doors.In this article, we are presenting the best cryptocurrency lending...