Fake Zoom links are currently being distributed to hide malware targeting cryptocurrency wallets. What is this particularly hard-to-spot scam and how can you protect yourself from it?
Zoom Link Scam: What Does It Look Like?
The scam was reported by X user and cybersecurity expert NFT_Dreww, who provided a comprehensive analysis of the method. He reports that the scam is ” extremely sophisticated» and allows criminals to walk away with all the information stored on a device.
The scam targets non-fungible token (NFT) holders, particularly those who feature their NFT on their X profile pictureScammers offer the holder to license their intellectual property, join an X Space meeting, or join a team for a cryptocurrency-related project.
👉 Don’t miss our guide – How to secure and store your cryptocurrencies?
A Zoom link is then sent by the scammers for a fake appointment. The sophistication comes from the appearance of the link, which strongly resembles a legitimate link for a meeting with the video conferencing application :
3/ Hold on, let's take a step back. That was a legit zoom link though right? Is zoom hacked? Answer: Nope….
*.zoom[.]us is the legit domain, it uses the sub-domain usXXweb.zoom[.]us when in the US and XX being a number based on your geo-location for you to download and install… pic.twitter.com/yUSmk1MkAQ
— NFT_Dreww.eth (@nft_dreww) July 22, 2024
If the victim clicks on this fraudulent link, they are redirected to a page that appears to be legitimate. However, the “meeting” does not appear to load, prompting the victim to install the Zoom app. She is then prompted to download a file named “ZoomInstallerFull.exe” from the same page.
Ledger: the best solution to protect your cryptocurrencies 🔒
Malware that runs very quietly
If this malware is installed on the person's device, it immediately searches for and steals the information that is present. The victim does not realize it, because the application automatically adds itself to the Windows antivirus whitelist when launched.
“The application starts running and extracting all your information, while the software distracts you with a fake loading page […].Once this is done, it redirects you to the real Zoom homepage, as if nothing happened.
🌐 Also in the news – WazirX hack: Crypto exchange suspends trading, investigates stolen $230 million
The scam is discreet, because Only a thorough check of the Zoom link can raise suspicions. Furthermore, there is no sign that an attack has taken place, and the person may simply think that they failed to install Zoom.
The analyst therefore urges users to exercise the greatest caution when contacting them on social networks. He claims the method has allowed more than $300,000 to be stolen at this point.. It is also an opportunity to remind that “cold” storage is always preferable to really keep your cryptocurrencies safe.
Join the Cryptoast community on Discord
Source: NFT_Dreww via X
The #1 Crypto Newsletter 🍞
Receive a daily crypto news recap by email 👌
What you need to know about affiliate links. This page may feature investment-related assets, products, or services. Some links in this article may be affiliate links. This means that if you purchase a product or sign up for a site from this article, our partner pays us a commission. This allows us to continue to provide you with original and useful content. There is no impact on you and you can even get a bonus for using our links.
Investing in cryptocurrencies is risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers must do their own research before taking any action and only invest within the limits of their financial capacities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with a high return potential implies a high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of these savings. Do not invest if you are not prepared to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.
A journalist at Cryptoast since 2017, I am passionate about the issues of decentralization, privacy and regulation. I specialize in traditional economics and finance, analyzing how news from this sector influences the cryptocurrency sector, offering a unique and informed perspective to Cryptoast readers.
Marine Debelloir
3062 articles
