$BTC $SOL $GMT Blockchain security company SlowMist has analyzed popular phishing attacks involving hackers who imitate the online conferencing platform Zoom, using the process to steal victims’ sensitive data and, in some cases, their crypto assets. In a recent post, SlowMist shared a victim’s experience and explained how the criminals operate.
In this case, it is about user X, who was lured by hackers to click on a disguised link that looked like an invitation to an online meeting on Zoom. Recounting his ordeal, the victim claimed that the hackers broke into his accounts and stole his cryptocurrencies. Therefore, he advised users to be vigilant and avoid clicking on unverified links.
Although he hired a blockchain expert, the victim admitted that the chances of recovering the stolen funds were low. However, he believes that his story will go a long way in preventing other cryptocurrency users from falling victim to similar pranks, given the relentless efforts of hackers to break into the online accounts of internet users.
In its analysis, SlowMist found that clicking the “Start Meeting” button in the fake Zoom link downloaded a malicious installation package instead of opening the local Zoom client. The downloaded data contained a login script that sent messages via the Telegram API in Russian.
SlowMist shared several images showing aspects of the malicious content and explaining how it works to steal user data. It is worth noting that the attack process is activated after users enter their passwords following the prompts of the malicious component. Therefore, the security firm advised internet users to be vigilant and cautious when responding to information from unverified sources.
SlowMist's report showed that at the time of analysis, the hacker in question had made over $1 million in profit from various victims.#
