-

Author: Leexim

Cracked TradingView is a Crypto-Stealing Trojan

Scammers are posting links to malware-ridden software disguised as a free version of TradingView Premium on Reddit.

Cracked Tradingview Is A Crypto Stealing Trojan

Cybersecurity firm Malwarebytes has warned about a new form of crypto-stealing malware hidden inside a “cracked” version of TradingView Premium, a software that provides charting tools for financial markets.

According to Jerome Segura, a senior security researcher at Malwarebytes, the scammers are lurking on crypto subreddits, posting links to Windows and Mac installers for “TradingView Premium Cracked,” which is laced with malware designed to steal personal data and drain crypto wallets.

“We have heard of victims whose crypto wallets were emptied and who were subsequently impersonated by criminals who sent phishing links to their contacts,” Segura said in a March 18 blog post.

Fraudsters Claim The Programs Are Free And Have Been Cracked Directly From Their Official Version, But They Are Actually Riddled With Malware
Fraudsters Claim The Programs Are Free And Have Been Cracked Directly From Their Official Version, But They Are Actually Riddled With Malware

Cracked Software Contains Two Dangerous Malware Programs

The fraudsters claim that the software is free and has been “cracked” directly from the official version, unlocking premium features. In reality, it contains two malware programs: Lumma Stealer and Atomic Stealer.

  • Lumma Stealer, which has been around since 2022, primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions.
  • Atomic Stealer, first discovered in April 2023, is known for its ability to capture sensitive data such as administrator passwords and keychain information.

Not only are scammers offering “TradingView Premium Cracked,” but they are also promoting other fraudulent trading programs targeting crypto traders on Reddit.

Deceptive Scheme: Pretending to Assist Users

One interesting aspect of this scam is that the scammers go the extra mile to pretend to be helpful, assisting users with downloading the malware-ridden software and resolving any issues they encounter.

“What’s interesting with this particular scheme is how involved the original poster is, going through the thread and being ‘helpful’ to users asking questions or reporting an issue,” Segura said.

“While the original post gives a heads-up that you are installing these files at your own risk, further down in the thread, we can read comments from the original poster,” he added.

Source of the Malware and Warning Signs

In This Case, The Scammer Sticks Around To Assist Users In Downloading The Malware Ridden Software
In This Case, The Scammer Sticks Around To Assist Users In Downloading The Malware Ridden Software

The exact origin of the malware is unclear, but Malwarebytes discovered that the website hosting the files belonged to a Dubai-based cleaning company. Additionally, the malware command and control server was registered by someone in Russia about a week ago.

Segura noted that cracked software has been a known vehicle for malware distribution for decades, but the “lure of a free lunch is still very appealing.”

Malwarebytes also highlighted some common red flags to look out for in such scams:

  • Instructions to disable security software to allow the program to run.
  • Files that are password-protected and zipped multiple times – an unnecessary step for legitimate software.

In this case, Segura explains that the “files are double zipped, with the final zip being password protected. For comparison, a legitimate executable would not need to be distributed in such a fashion.”

Crypto Crime Enters a “Professionalized” Era

According to the 2025 Crypto Crime Report by blockchain analytics firm Chainalysis, crypto crime has entered a more professionalized era, dominated by AI-driven scams, stablecoin laundering, and efficient cyber syndicates.

Last year, the analytics firm estimated that illicit transactions amounted to a staggering $51 billion.

Love

0.0/5

Love

Latest

Pump.fun Acquires Kolscan Wallet Tracker Ahead Of $600 Million Ico

News | Editor Choice | Memecoin 11/07/2025

Pump.fun Acquires Kolscan Wallet Tracker Ahead of $600 Million ICO

Pump.fun has unexpectedly acquired the Kolscan wallet tracking tool just ahead of its $600 million ICO, aiming to enhance its analytics capabilities and expand its social trading ecosystem on the blockchain.

Xrp Could Surge To $11, $20, Or Even $30 If Historical Pattern Repeats

News | Altcoin | Editor Choice 11/07/2025

XRP Could Surge to $11, $20, or Even $30 If Historical Pattern Repeats

XRP is expected to enter a strong bullish cycle after successfully retesting a key EMA level, with potential price targets of $11, $20, or even $30 if historical trends repeat.

Invite Friends For Big Rewards On Mexc!

Airdrops | Editor Choice 11/07/2025

Invite Friends for Big Rewards on MEXC!

Join the referral program at MEXC and invite your friends to trade cryptocurrencies to earn exciting rewards!

Robinhood Launches Ethereum And Solana Staking For U.s. Users

News | Editor Choice | Policy & Regulations 11/07/2025

Robinhood Launches Ethereum and Solana Staking for U.S. Users

Robinhood has officially launched Ethereum and Solana staking for U.S. users, allowing participation starting from just $1 as it ramps up its ambitions in the crypto space.

Bnb Foundation Continues To Burn Bnb Worth Up To $1 Billion

Airdrops | Editor Choice 11/07/2025

BNB Foundation Continues to Burn BNB Worth Up to $1 Billion

The BNB Foundation has announced its 32nd token burn, destroying 1,595,599.78 BNB, equivalent to approximately $1.024 billion. This reduces the total remaining supply to 139,289,513.94 BNB.