Cybersecurity experts at Malwarebytes have sounded the alarm about a new scam targeting cryptocurrency holders with fake “cracked” versions of TradingView Premium. The popular trading platform’s name is being used to distribute dangerous malware that can steal crypto assets.
As Malwarebytes recently discovered, several strains of info-stealer malware have been actively spread through Reddit posts, specifically targeting crypto users on both Mac and Windows operating systems.
The scammers advertise “TradingView Premium Cracked” programs, claiming to provide access to premium features for free. However, users who click on the download links are redirected to websites unrelated to TradingView’s official domain. These fake downloads contain the harmful software.
Mac users who fall for the scam will encounter AMOS malware, designed to steal personal credentials from Macs. Windows users, on the other hand, face an even more dangerous threat called Lumma Stealer, which has been active since 2022.
Lumma Stealer is programmed to steal cryptocurrency wallets and two-factor authentication browser extensions, effectively circumventing the security measures that many crypto holders rely upon. Another malware variant, Atomic Stealer, first discovered in April 2023, is also known for capturing administrator and keychain passwords.
Jerome Segura, a senior security researcher at Malwarebytes, highlighted an interesting aspect of this scheme. Unlike typical link posters who leave no contact information, the scammers involved in this particular scheme remain engaged.
“What’s interesting with this particular scheme is how involved the original poster is,” Segura noted in a March 18 blog post. As he explained, the scammers actively participate in the comment sections of their posts, offering ‘help’ to users who have questions or report issues with the downloads.
This approach adds credibility to their scam and increases the likelihood of successful infections.
Furthermore, Malwarebytes researchers were able to uncover some clues about the origin of the malware. The website hosting the files belonged to a Dubai cleaning company, while the command and control server for the malware had been registered by someone in Russia, just one week prior to the discovery.
Segura points out that there are clear warning signs users should watch for. The malicious files are “double zipped,” with the final zip being password-protected. Legitimate software would not be distributed this way. Another red flag is instructions to disable security software so the program can run.
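The "double zipped, password-protected" warning sign can be checked mechanically before anything is extracted. The following is an added example, not code from Malwarebytes or from this article: the function and helper names are hypothetical, and the sample archives are constructed in memory (the encrypted flag is set by patching header bits, because Python's `zipfile` cannot write encrypted archives).

```python
import io
import zipfile

MAX_MEMBER_BYTES = 50 * 1024 * 1024  # skip oversized members (zip-bomb guard)
ENCRYPTED_FLAG = 0x1                 # general-purpose bit 0 of a ZIP entry header


def find_protected_nested_zips(data, max_depth=3, _path="", _depth=0):
    """Return paths of password-protected zips that sit inside another zip."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        # Only a nested archive (depth > 0) with encrypted entries is flagged.
        if _depth > 0 and any(i.flag_bits & ENCRYPTED_FLAG for i in infos):
            hits.append(_path)
        if _depth >= max_depth:
            return hits
        for info in infos:
            if info.is_dir() or info.flag_bits & ENCRYPTED_FLAG:
                continue  # encrypted members cannot be read without the password
            if info.file_size > MAX_MEMBER_BYTES:
                continue
            member = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(member)):
                child = f"{_path}/{info.filename}".lstrip("/")
                hits += find_protected_nested_zips(member, max_depth, child, _depth + 1)
    return hits


def _zip_bytes(name, payload):
    """Build a single-entry, uncompressed zip in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


def _mark_encrypted(zip_data):
    """Set the encrypted flag on a single-entry zip (constructed sample only)."""
    raw = bytearray(zip_data)
    raw[6] |= ENCRYPTED_FLAG                             # local file header flags
    raw[raw.rfind(b"PK\x01\x02") + 8] |= ENCRYPTED_FLAG  # central directory flags
    return bytes(raw)


def build_samples():
    """Constructed samples: (double-zipped with protected inner zip, plain nested zip)."""
    inner = _zip_bytes("setup.exe", b"constructed placeholder")
    return _zip_bytes("stage2.zip", _mark_encrypted(inner)), _zip_bytes("docs.zip", inner)
```

A non-empty result is a reason to quarantine the download rather than proof of malware; a top-level file that is not a zip raises `zipfile.BadZipFile`.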
Some victims have already suffered losses from this scam. Malwarebytes reports cases where crypto wallets were emptied completely. In some instances, hackers then impersonated the victims, sending phishing links to the victims’ contacts to spread the infection further.
This scheme is part of a growing trend in crypto crime. According to blockchain analytics firm Chainalysis, there was $51 billion in illicit transaction volume in the past year.
In its 2023 Crypto Crime Report, Chainalysis found that crypto crime has entered a more sophisticated era, with new trends emerging. Among the key findings, the firm highlighted AI-driven scams, stablecoin laundering, and efficient cyber crime operations.
Crypto users are advised to download software only from official sources. Any offer promising premium features for free should be treated with extreme caution as it is likely a scam.