新的加密貨幣騙局利用了交易雜誌溢價的破解版本來竊取資金

網絡安全專家已經發出了有關通過偽造的“破解”交易雜誌Premium的“破解”版本針對加密貨幣持有人的新騙局的警報。

Cybersecurity experts at Malwarebytes have sounded the alarm about a new scam targeting cryptocurrency holders with fake “cracked” versions of TradingView Premium. The popular trading platform’s name is being used to distribute dangerous malware that can steal crypto assets.

Malwarebytes的網絡安全專家對以偽造的“破解”版本的TradingView Premium的偽造持有者發出了警報。流行的交易平台的名稱用於分發可以竊取加密資產的危險惡意軟件。

As Malwarebytes recently discovered, several strains of info-stealer malware have been actively spread through Reddit posts, specifically targeting crypto users on both Mac and Windows operating systems.

正如Malwarebytes最近發現的那樣，已經通過REDDIT帖子積極傳播了幾種信息竊取者惡意軟件，這些帖子專門針對Mac和Windows操作系統上的加密用戶。

The scammers advertise “TradingView Premium Cracked” programs, claiming to provide access to premium features for free. However, users who click on the download links are redirected to websites unrelated to TradingView’s official domain. These fake downloads contain the harmful software.

騙子宣傳“ Tradingview Premium破解”計劃，聲稱可以免費提供獲得高級功能的訪問權限。但是，單擊下載鏈接的用戶將重定向到與TradingView的官方域無關的網站。這些假下載包含有害軟件。

Mac users who fall for the scam will encounter AMOS malware, designed to steal personal credentials from Macs. Windows users, on the other hand, face an even more dangerous threat called Lumma Stealer, which has been active since 2022.

陷入騙局的Mac用戶將遇到AMOS惡意軟件，旨在從Mac中竊取個人憑據。另一方面，Windows用戶面臨著一個更危險的威脅，稱為Lumma竊取器，該威脅自2022年以來一直活躍。

Lumma Stealer is programmed to steal cryptocurrency wallets and two-factor authentication browser extensions, effectively circumventing the security measures that many crypto holders rely upon. Another malware variant, Atomic Stealer, first discovered in April 2023, is also known for capturing administrator and keychain passwords.

Lumma竊取器被編程為竊取加密貨幣錢包和兩因素身份驗證瀏覽器擴展程序，從而有效地規避了許多加密持有人所依賴的安全措施。另一個惡意軟件變體Atomic Stealer於2023年4月首次發現，也以捕獲管理員和鑰匙扣密碼而聞名。

Jerome Segura, a senior security researcher at MalwareBytes, highlighted an interesting aspect of this scheme. Unlike typical link posters who leave no contact information, the scammers involved in this particular scheme remain engaged.

Malwarebytes的高級安全研究員Jerome Segura強調了該計劃的一個有趣方面。與沒有留下聯繫信息的典型鏈接海報不同，參與此特定計劃的騙子仍然參與其中。

“What’s interesting with this particular scheme is how involved the original poster is,” Segura noted in a March 18 blog post. As he explained, the scammers actively participate in the comment sections of their posts, offering ‘help’ to users who have questions or report issues with the downloads.”

Segura在3月18日的博客文章中指出：“這種特定計劃的有趣的是原始海報的涉及方式。”正如他所解釋的那樣，騙子積極參與其帖子的評論部分，向有疑問或報告下載問題的用戶提供“幫助”。”

This approach adds credibility to their scam and increases the likelihood of successful infections.

這種方法為他們的騙局增添了信譽，並增加了成功感染的可能性。

Furthermore, Malwarebytes researchers were able to uncover some clues about the origin of the malware. The website hosting the files belonged to a Dubai cleaning company, while the command and control server for the malware had been registered by someone in Russia, just one week prior to the discovery.

此外，惡意軟件研究人員能夠發現有關惡意軟件起源的一些線索。託管該文件的網站屬於迪拜清潔公司，而該惡意軟件的命令和控制服務器已由俄羅斯的某人註冊，僅在發現前一周。

Segura points out that there are clear warning signs users should watch for. The malicious files are “double zipped,” with the final zip being password-protected. Legitimate software would not be distributed this way. Another red flag is instructions to disable security software so the program can run.

Segura指出，有明確的警告信號，用戶應注意。惡意文件是“雙重Zipped”，最終的ZIP受密碼保護。合法軟件不會以這種方式分發。另一個危險信號是禁用安全軟件的指令，以便程序可以運行。

Some victims have already suffered losses from this scam. MalwareBytes reports cases where crypto wallets were emptied completely. In some instances, hackers then impersonated the victims, sending phishing links to the victims’ contacts to spread the infection further.

一些受害者已經因這種騙局而遭受了損失。 Malwarebytes報告了完全清空加密錢包的情況。在某些情況下，黑客冒充了受害者，將網絡釣魚鏈接發送到受害者的聯繫，以進一步傳播感染。

This scheme is part of a growing trend in crypto crime. According to Blockchain analytics firm Chainalysis, there was $51 billion in illicit transaction volume in the past year.

該計劃是加密犯罪趨勢增長趨勢的一部分。根據區塊鏈分析公司的鏈分析，過去一年的非法交易量為510億美元。

In its 2023 Crypto Crime Report, Chainalysis found that crypto crime has entered a more sophisticated era, with new trends emerging. Among the key findings, the firm highlighted AI-driven scams, stablecoin laundering, and efficient cyber crime operations.

Chainalysis在其2023年的加密犯罪報告中發現，加密犯罪進入了一個更加複雜的時代，新趨勢出現了。在關鍵發現中，該公司強調了AI驅動的騙局，穩定的洗錢和有效的網絡犯罪行動。

Crypto users are advised to download software only from official sources. Any offer promising premium features for free should be treated with extreme caution as it is likely a scam.

建議使用加密用戶僅從官方來源下載軟件。任何有希望的免費溢價功能都應謹慎對待，因為這可能是騙局。