Security researchers have documented several crack versions circulating under LiquidText's name that contained the "RedLine Stealer" malware—a credential-harvesting Trojan that sends browser cookies, saved logins, and autofill data to remote servers. Victims reported compromised email accounts, social media takeovers, and even attempted bank fraud within days of installation.