Crypto scammers are exploiting a sophisticated new method involving malicious links that mimic the popular video conferencing platform Zoom. On July 22, NFT collector and cybersecurity engineer “NFT_Dreww” warned the online community about this dangerous scam targeting crypto holders.
According to “NFT_Dreww,” the scammers lure targets, often NFT owners or crypto whales, by offering to license their intellectual property, inviting them to Twitter Spaces, or recruiting them for new projects. They insist on using Zoom for meetings and provide a malicious link disguised as a legitimate Zoom meeting invite.
When the unsuspecting user clicks the link, they encounter a fake Zoom page that appears to be stuck loading. This page then prompts them to download and install a file named ZoomInstallerFull.exe, which is actually malware. After installation, the page redirects to the official Zoom site, making the user think everything is normal. However, by this point, the malware has infiltrated the user’s system, stealing valuable data and cryptocurrency.
Technologist “Cipher0091,” credited by “NFT_Dreww” in his alert, explained that once the malware is executed, it adds itself to the Windows Defender exclusion list, bypassing antivirus protections. The malware then extracts all the user’s information while distracting them with a fake loading screen and various prompts.
The scammers continuously change their domain names to avoid detection, making it difficult for users to identify and report malicious links. This scam has already claimed five different domains.
This type of social engineering scam is not new but continues to evolve. Recently, several members of the crypto community have reported receiving emails with malicious attachments from scammers impersonating other crypto influencers and executives. These attachments, if opened, install malware designed to steal cryptocurrencies.
Crypto users are urged to verify the authenticity of links and invitations, especially those related to Zoom meetings, to avoid falling victim to these scams.
Contact us ontelegramfor media partnerships and for ourNFTwhitelist.