- Malware-infected “cracked” versions of TradingView Premium are being distributed on Reddit cryptocurrency forums.
- The malware variants (Lumma Stealer for Windows and AMOS for Mac) steal crypto wallet credentials, passwords, and 2FA information.
- Scammers actively engage with potential victims, even providing instructions to bypass Mac security measures.
Cryptocurrency users are being targeted by sophisticated malware disguised as free “cracked” versions of TradingView Premium, resulting in complete wallet drains and identity theft. The malicious software, being distributed primarily through Reddit cryptocurrency communities, contains data-stealing payloads that capture sensitive wallet information and authentication credentials.
Security researchers at Malwarebytes have identified two distinct malware variants deployed in this campaign: Lumma Stealer targeting Windows users and Atomic Stealer (AMOS) focusing on Mac systems. Both variants are specifically designed to exfiltrate cryptocurrency credentials and bypass security measures.
“What’s interesting with this particular scheme is how involved the original poster is,” noted Jérôme Segura, a senior security researcher at Malwarebytes, in a blog post analyzing the attack.
The operation demonstrates unusual persistence, with attackers actively engaging potential victims through Reddit comments. These bad actors pose as helpful community members, providing step-by-step instructions to circumvent critical security protections. In one documented case, a scammer advised a user: “That ‘Apple could not verify’ warning is just Apple being extra cautious… Don’t worry, though – a real virus on a Mac would be wild, and I’ve never seen one sneak through like that!”
Technical analysis of the AMOS malware shows it transmits stolen data to servers based in the Seychelles. The information captured includes passwords, two-factor authentication codes, and cryptocurrency wallet credentials. The Lumma Stealer variant, which has been active since 2022, specifically targets cryptocurrency wallets and browser extensions used for two-factor authentication.
The attack doesn’t en
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Bitcoin Climbs After Fed Rate Decision, But New Threat Emerges as Trump’s Crypto Policy Announcement Looms
- Uranium Digital Secures $6.1M in Seed Funding to Build First Institutional Uranium Trading Platform
- South Korean Prosecutors Raid Bithumb Exchange Over Former CEO’s Alleged $2 Million Embezzlement
- Global Kindness Contest Reaches 10 Million Views Across 150 Nations in 11 Languages
- Public Blockchains Drive Enterprise Innovation: Transparency and Smart Contracts Reduce Costs While Boosting Security
