Learn how Russian-linked hackers exploited Zoom meetings to target crypto users, stealing funds and compromising sensitive information.

Cybercriminals are once again using trustworthy tools for harmful purposes. This time, a phishing attempt focusing on phony Zoom meeting links resulted in large bitcoin losses for victims.
Fake Zoom Invites Mask Malware
A recent study by blockchain security startup SlowMist highlighted a sophisticated phishing attempt that targeted bitcoin users using bogus Zoom meeting links. The hack allegedly resulted in the theft of millions of digital assets.
It entailed the use of a counterfeit domain that resembled the legitimate one. This website imitated the legitimate Zoom interface to deceive unsuspecting visitors into downloading a malicious installation package. When the malware was activated, it required users to input their system passwords, allowing the capture of sensitive information such as KeyChain data, browser credentials, and cryptocurrency wallet details.
SlowMist’s examination revealed that the malware’s code was a modified osascript script. The software retrieved and encrypted user information before sending it to a hacker-controlled site identified as dangerous by threat intelligence platforms.
The server’s IP address was tracked to the Netherlands, and the attackers’ monitoring tools, including records of Russian script usage, point to a connection with Russian-speaking agents.
On-chain tracking using SlowMist’s MistTrack tool revealed that the hackers’ principal wallet had gathered more than $1 million, converting stolen money to 296 ETH. Further transfers resulted in a secondary address, which is now associated with transactions on famous cryptocurrency exchanges such as Binance, Gate.io, and MEXC. A complicated network of smaller wallets and marked addresses, including those labeled “Angel Drainer” and “Pink Drainer,” facilitated fund distribution.
“These assaults frequently combine social engineering and Trojan tactics, leaving individuals open to exploitation. The SlowMist Security Team recommends that users thoroughly examine meeting links before clicking, avoid executing strange software and instructions, and install and update antivirus software on a regular basis.”
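One way to automate the link check recommended above, as an added example that is not SlowMist's code: it accepts a meeting URL only when its host sits under an allow-list of Zoom domains and flags common lookalike tricks. The allow-list, function names and heuristics are assumptions chosen for illustration, and the heuristics can produce false positives on unrelated hosts.

```python
from urllib.parse import urlsplit

# Assumption: the only domains accepted for Zoom meeting links.
TRUSTED = ("zoom.us", "zoom.com")
BRAND = "zoom"

def edit_distance(a, b):
    """Levenshtein distance, used to spot one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_meeting_link(url):
    """Return (verdict, reasons); verdict is 'trusted', 'suspicious' or 'unrelated'."""
    try:
        parts = urlsplit(url.strip())
        # hostname is lowercased and excludes any userinfo and port
        host = (parts.hostname or "").rstrip(".")
        has_userinfo = parts.username is not None
    except ValueError:
        return "suspicious", ["unparseable URL"]
    reasons = []
    if parts.scheme != "https":
        reasons.append("not https")
    if has_userinfo:
        reasons.append("text before '@' hides the real host")
    on_trusted = any(host == d or host.endswith("." + d) for d in TRUSTED)
    if on_trusted and not reasons:
        return "trusted", []
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        reasons.append("non-ASCII or punycode host (possible homoglyph)")
    # Heuristic: a label that contains the brand, or is one edit away from it
    if not on_trusted and any(BRAND in l or edit_distance(l, BRAND) <= 1 for l in labels):
        reasons.append("host imitates the brand outside a trusted domain")
    return ("suspicious" if reasons else "unrelated"), reasons
```
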
Phishing Scams Hit Alarming Highs
There has been an increase in crypto phishing schemes recently. Earlier this month, a bogus work meeting link shared over KakaoTalk cost a user $300,000 in bitcoin. The funds taken by the malware were moved to a wallet affiliated with BingX. The URL contained malware that infected Ethereum and Solana wallets.
Another blockchain security specialist, Scam Sniffer, revealed that more than $9.4 million was stolen in phishing attempts in November alone.
Malicious blockchain signatures remain a major issue, as criminals use bogus transaction authorization to empty wallets, including high-profile thefts of over $36 million.