Tuesday, October 8, 2024

Fake Zoom malware steals crypto while it’s ‘stuck’ loading, user warns

Share

spot_img
spot_img

A malicious Zoom look-alike makes it seem like a video conference is stuck in infinite loading, prompting users to install and run even better-disguised malware than before.

Crypto scammers are up to no good again, and their latest weapon appears to be malicious links to a webpage that looks and feels almost exactly like the video conferencing platform Zoom, which prompts users to install malware when clicked.

On July 22, non-fungible token collector and cybersecurity engineer “NFT_Dreww” alerted X users to a new “extremely sophisticated” crypto scam involving fake links for Zoom.

Drew said the scammers have already stolen $300,000 worth of crypto from the method.

How the scam works

Like many social engineering scams, Drew explained that scammers typically target non-fungible token (NFT holders or crypto whales, asking if they would be interested in licensing their intellectual property, inviting them to Twitter Spaces, or asking them to join a team for a new project.

The scammers will insist on using Zoom and hurry the target to join a meeting in progress using a hard-to-notice malicious link.

“It’s extremely easy to fall for this… I doubt 80% of people verify each character in a link that’s sent, especially a Zoom link.”

Once the link is clicked, the user will be met with a “stuck” page showing an infinite loading screen. The page will then prompt the user to download and install ZoomInstallerFull.exe, which is actually malware.

Once installed, the page will redirect back to the official Zoom platform, making the user believe it worked, but by then, the malware has already infiltrated the target computer and stolen the data and loot, explained Drew.

According to technologist “Cipher0091,” whom Drew also credits for his X thread, when the malware is first executed, it adds itself to the Windows Defender exclusion list to prevent antivirus systems from blocking it.

“Then it begins executing and extracting all your information while the software is distracting you with the “spinning loading page” and going through the process of accepting T&Cs, etc,” explained Drew.

He added that the scammers will keep changing domain names to prevent them from being flagged, and this was their fifth domain so far for this scam.

Social engineering crypto scams are not new, but they do keep evolving. Several crypto community members have reported receiving malicious emails this week from scammers impersonating other crypto influencers and executives.

The email contains a malicious attachment that will likely install crypto-stealing malware if executed.

Source:- COINTELEGRAPH

Marika Aros
Marika Aros
I’m Marika Aros, a dedicated freelance marketing specialist With 5 years of hands-on experience in the dynamic realm of digital marketing, I specialize in crafting compelling press releases, designing eye-catching banner ads, developing engaging sponsored posts, writing detailed review articles, conducting insightful interviews, and orchestrating successful events.

Table of contents

Transform Your Trading Activities With Alpha AI’s Advanced Automated Solution

In today’s financial landscape, trading—particularly in cryptocurrencies—has become increasingly complex and risky. Market volatility, the rapid pace of information flow, and the inherent challenges...

Read More

Crypto News