A new crypto scam is making waves. It uses a fake Zoom page. The scam has already nabbed $300,000 in digital assets.
NFT collector and cybersecurity expert "NFT_Dreww" sounded the alarm on X. He called it "extremely sophisticated". The scam targets NFT holders and crypto whales.
Scammers reach out with tempting offers. They might propose licensing deals or project collaborations. They then push for a Zoom call. The link they send looks legit, but it's not.
Clicking the link leads to trouble. Users see a loading screen that never ends. It prompts a download of "ZoomInstallerFull.exe". This file is actually malware.
The page then redirects to the real Zoom. By this point, it's too late. The malware has already done its job.
Technologist "Cipher0091" provided more details. The malware adds itself to the Windows Defender exclusion list. This sneaky move helps it avoid detection.
"It begins executing and extracting all your information," NFT_Dreww explained. The fake loading page serves as a distraction. Meanwhile, the malware goes to work.
The scammers are clever. They keep changing domain names to stay under the radar. This is their fifth domain for this particular scam.
Social engineering in crypto scams isn't new. But it's evolving fast. Several crypto community members reported dodgy emails this week. These emails impersonated well-known crypto figures.
The emails contain malicious attachments. If opened, they likely install crypto-stealing malware. It's a reminder to stay vigilant in the wild west of crypto.