Security researcher SlowMist is warning crypto users about a new scam that has garnered attention in the space. According to the official announcement on December 27th, SlowMist is cautioning users against falling for phishing scams that pose as Zoom meeting links.
Using these fake meeting links, hackers are gathering user data, decrypting it, and then taking private keys and mnemonic phrases—sensitive information. These assaults frequently mix trojan and social engineering approaches.
How Does The Scam Operate?
According to the official report, a number of X users reported a phishing assault that was masquerading as links to Zoom meetings. In one instance, millions of dollars worth of cryptocurrency assets were stolen when a victim clicked on a phony Zoom conference link and then installed malicious software.
The attacker impersonated a genuine Zoom meeting link by using a domain that looked similar to “app[.]us4zoom[.]us.” The website was a close imitation of the real Zoom meeting interface. Instead of starting the local Zoom client, users’ clicks on the “Launch Meeting” button caused a malicious installation package to be downloaded.
This results in the loss of private data and eventually crypto money as well.
Read Also: Crypto Hack: SlowMist Uncovers Critical Wallet Security Breach In Humanity Protocol
New Malicious Theft Comes As Crypto Money Lost in 2024 Sees Rise
SlowMist’s warning comes against the backdrop of crypto-related thefts steadily increasing in 2024. With 303 hacking incidents in 2024 compared to 282 in 2023, the total amount of money taken increased by roughly 21.07% year-over-year (YoY) to $2.2 billion.
These incidents raise an important question about the safety and security of funds in the crypto space. However, it is also noteworthy that phishing scams have been rising in the crypto space.
In the past year, phishing attempts have become more sophisticated than ever before due to the widespread use of generative AI tools. AI developments are transforming the phishing threat landscape and changing the way fraudsters work.
Furthermore, new technology has made it easier than ever for even novices to carry out sophisticated and convincing phishing assaults by democratizing the ability to plan intricate phishing campaigns. In particular, this change is making it easier for inexperienced fraudsters to initiate incredibly realistic, customized schemes.
As a result, businesses today have a plethora of new difficulties in safeguarding their information and systems from the growing wave of phishing attempts.
Due to this, many in the crypto world are trying to stay alert and vigilant in terms of safety of their funds.