The fake Zoom phishing campaign causes significant damage to cryptocurrency users
- According to a report from blockchain security company SlowMist, a sophisticated phishing campaign has targeted cryptocurrency users through fake Zoom meeting links. The attacker has stolen millions in digital assets by using a counterfeit domain resembling the real Zoom.
- This fake website tricked users into downloading an installation package containing malware, thereby collecting sensitive information such as KeyChain data, browser login information, and cryptocurrency wallet details.
- SlowMist discovered that this malware is a modified osascript, which encrypts user data and sends it back to a server controlled by the hacker.
- Blockchain tracking shows that the hacker's main wallet has accumulated over 1 million USD, converted into 296 ETH, and continues to trade on major exchanges like Binance, Gate.io, and MEXC.
- SlowMist advises users to carefully check meeting links before clicking, avoid executing unknown software, and regularly update antivirus software.
