Crypto-Stealing Malware Targeting Zoom Users
A new form of crypto-stealing malware has emerged, specifically targeting users of the popular cloud-based video conferencing platform Zoom. This malicious software aims to redirect users to fraudulent websites in order to steal their crypto assets.
On July 22, network security engineer “NFT_Dreww” uncovered a malicious website that closely resembled the authentic Zoom video call link.
Sophisticated Scam Tactics
The attack begins with social engineering, where scammers approach potential victims under the guise of offering investment opportunities or inviting them to join exclusive cryptocurrency market spaces. By utilizing fake Zoom URLs that closely mimic legitimate ones, scammers aim to deceive users into believing they are accessing a genuine platform.
NFT_Dreww highlights the importance of scrutinizing URLs, as the subtle differences, such as “-” in the domain name, can be misleading to unsuspecting users.
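The URL scrutiny described above can be automated. The following is an added example, not code from the original article or from NFT_Dreww: it assumes zoom.us and zoom.com are the genuine domains, and every sample link is constructed under the reserved .example domain.

```python
from urllib.parse import urlsplit

# Assumption: the domains treated as genuine Zoom hosts for this check.
TRUSTED_DOMAINS = {"zoom.us", "zoom.com"}
BRAND = "zoom"


def classify_link(url: str) -> str:
    """Return 'trusted', 'lookalike' or 'unrelated' for a meeting link."""
    parts = urlsplit(url if "://" in url else "https://" + url)
    host = (parts.hostname or "").rstrip(".").lower()
    userinfo = (parts.username or "").lower()

    # Anything before '@' is credentials, not the destination host, so a
    # link carrying userinfo is never trusted even if the host matches.
    if not userinfo:
        for domain in TRUSTED_DOMAINS:
            # Exact match or a subdomain on a dot boundary only. A plain
            # endswith(domain) would also accept "<prefix>zoom.us".
            if host == domain or host.endswith("." + domain):
                return "trusted"

    # The brand appears, but not under a trusted domain: hyphenated names,
    # the real domain used as a subdomain prefix, or brand text in userinfo.
    if BRAND in host or BRAND in userinfo:
        return "lookalike"
    return "unrelated"


# Constructed sample links (not taken from the incident).
SAMPLES = [
    "https://us05web.zoom.us/j/1234567890",
    "https://us05web-zoom.example/j/1234567890",
    "https://zoom.us.meeting.example/j/1234567890",
    "https://zoom.us@meeting.example/j/1234567890",
    "https://docs.example/agenda",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):10} {link}")
```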
Malware Execution and Impact
Upon clicking the malicious link, users are led to a counterfeit Zoom page that resembles the authentic site. The page then prompts them to download a file named “ZoomInstallerFull.exe” and tricks them into installing it. After installation, the malware gains access to the victim’s system and extracts sensitive information.
Security experts have reported that this scam has resulted in the theft of over $300,000 in crypto assets from numerous users. It is advised to exercise caution when clicking on social media links and refrain from downloading any suspicious software.
As the cryptocurrency industry continues to expand, social engineering scams are becoming more intricate and prevalent. Recent incidents, such as phishing attacks on the Ethereum Foundation’s email addresses, serve as a reminder of the evolving tactics employed by cybercriminals.
In the first half of 2024 alone, these scams have led to the loss of over $300 million in cryptocurrency assets on EVM chains.
The post Crypto scammers use fake Zoom malware to steal funds appeared first on Invezz