Cybercriminals are ramping up efforts to deceive TradingView users by exploiting YouTube with fraudulent channels that push malware disguised as legitimate trading tools. These scam operations are becoming increasingly sophisticated, putting unsuspecting traders especially those involved in crypto at serious risk.
Fraudsters Impersonate TradingView to Spread Malware
TradingView, a popular platform for traders and investors, has raised the alarm about a disturbing trend: the use of hijacked or stolen YouTube accounts to impersonate the company. These accounts often have verified badges and a significant number of subscribers, making them look authentic to the average viewer.
Scammers behind these operations upload fake content such as livestreams, tutorials, and promotional videos claiming to offer special “developer versions” or hacked premium TradingView software. What users end up downloading, however, are files embedded with malicious code most commonly a Windows PowerShell script that installs a Remote Access Trojan (RAT) onto the victim’s computer.
Once installed, the RAT gives the attacker full access to the infected system, allowing them to steal private information. Many victims have reported that their cryptocurrency wallets were compromised, resulting in significant financial losses.
The Danger Behind Seemingly Legitimate Content
These fraudulent channels aren’t amateur operations. They often employ elaborate methods to appear trustworthy, including:
- Deepfake hosts mimicking real TradingView representatives
- Doctored comment sections with fake praise
- Professional-looking branding and overlays that mirror official content
These tactics are designed to make users let their guard down, leading them to follow dangerous instructions or download infected files.
What TradingView Users Should Do to Stay Safe
TradingView has emphasized that its software should only be downloaded from its official website or trusted app stores. The company will never ask users to run command-line scripts or PowerShell commands during installation. Any such request is a red flag and should be ignored immediately.
Users are also warned to be cautious of offers that seem too good to be true, like free access to premium tools or giveaways promoted through unofficial channels.
Steps to Take If You Think You’ve Been Targeted
For those who may have interacted with these scam channels or downloaded suspicious files, TradingView recommends the following immediate actions:
- Disconnect from the internet to prevent further data exposure.
- Run a full malware scan using a trusted antivirus or anti-malware tool.
- Change all passwords, especially for cryptocurrency wallets and trading platforms.
- Notify your wallet provider about the breach.
- Move your funds to a new, secure wallet to minimize potential losses.
TradingView is reportedly working with YouTube and law enforcement to track down and shut these fake accounts, but the platform urges users to remain vigilant and report any suspicious content.
