A slick phishing campaign uses a counterfeit “TradingClaw” assistant to compromise traders’ browsers, steal crypto wallets, and hijack financial accounts.