Crypto scammers have launched a new phishing attack using fake Zoom links to install malware on victims' computers.
On July 22, cybersecurity expert “NFT_Dreww” alerted the community about this sophisticated scam on X (formerly Twitter), revealing that it has already led to $300,000 in stolen cryptocurrency.
Here’s how it works: Scammers target NFT holders or crypto investors by pretending to be interested in their intellectual property or proposing collaborations. They insist on using Zoom for communication and send a link to join a meeting.
The link leads to a fake Zoom page with a loading screen that prompts users to download “ZoomInstallerFull.exe,” which is actually malware.
Once the malware is installed, it infiltrates the victim’s computer and redirects them to the real Zoom platform, making the scam less noticeable. The malware adds itself to the Windows Defender exclusion list to avoid detection and begins extracting information while the user is distracted by the fake loading process.
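Because the malware hides by adding itself to the Windows Defender exclusion list, reviewing that list is a quick check on a machine where such an installer was run. The PowerShell below is an added example, not something from the original report: it lists the current exclusions and recent Defender configuration-change events (event ID 5007) that touched them. The function names and the 30-day window are assumptions made for illustration.

```powershell
# Added example: audit Microsoft Defender exclusions and recent changes to them.
# Run in an elevated PowerShell session on the Windows host being checked.

function Get-DefenderExclusionReport {
    # Current exclusions as Defender reports them.
    $pref  = Get-MpPreference
    $kinds = 'ExclusionPath', 'ExclusionProcess', 'ExclusionExtension'
    foreach ($kind in $kinds) {
        foreach ($value in @($pref.$kind)) {
            if (-not $value) { continue }
            if ($value -like 'N/A*') {
                # Non-elevated sessions get a placeholder instead of the real list.
                Write-Warning "$kind is hidden; rerun as administrator."
                continue
            }
            [pscustomobject]@{ Type = $kind; Value = $value }
        }
    }
}

function Get-DefenderExclusionChange {
    # Event 5007 = Defender configuration changed; keep only exclusion edits.
    param([int]$Days = 30)   # look-back window (assumed default)
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 5007
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match '\\Exclusions\\' } |
        ForEach-Object {
            # The message carries "Old value:" / "New value:" lines naming the key.
            $lines = $_.Message -split '\r?\n' | Where-Object { $_ -match 'Exclusions' }
            [pscustomobject]@{
                TimeCreated = $_.TimeCreated
                Change      = ($lines -join ' ').Trim()
            }
        }
}

Get-DefenderExclusionReport | Format-Table -AutoSize
Get-DefenderExclusionChange | Sort-Object TimeCreated | Format-List
```

An exclusion that nobody on the machine remembers adding, especially one created around the time a "Zoom" installer was downloaded, is the entry to investigate.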
To stay under the radar, scammers frequently change their domain names. This is their fifth domain for this scam. Recently, there have also been reports of malicious emails from scammers posing as crypto influencers, containing attachments designed to install malware.