• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Analysis of Phishing Attack Using Fake Zoom Links

user avatar

by Giorgi Kostiuk

a year ago

Recently, users reported phishing attacks using fake Zoom links, resulting in stolen crypto assets worth millions. SlowMist conducted an analysis of the incident, examining the attack methods and fund movements.

Phishing Link Analysis

Attackers used a domain similar to the legitimate Zoom domain to disguise their attack. Clicking the 'Launch Meeting' button initiated the download of malicious software instead of launching the Zoom client. The analysis revealed that attackers were using the Telegram API to monitor who clicked the download button.

Malware Analysis

The malware file was named 'ZoomApp_v.3.14.dmg' and tricked users into entering their system password. It executed a script that collected and sent data to attackers, allowing access to sensitive information like passwords and crypto wallet data.

Malicious Behavior Analysis

The analysis showed that the malicious code collected system, browser, and crypto wallet data, sending it to an attacker-controlled server in the Netherlands. Using MistTrack, it was discovered that hacker addresses received over $1 million, including ETH and other cryptocurrencies, later moved to various platforms.

Phishing attacks using Zoom links pose a significant security threat, combining social engineering and trojans. SlowMist Security Team advises users to verify meeting links carefully and use antivirus software to protect their data.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

RWA Nexus Focuses on Real-World Asset Tokenization

chest

RWA Nexus is targeting the tokenization of real-world assets to bridge traditional finance and blockchain.

user avatarGustavo Mendoza

MOVE Experiences 15% Rally Following Hyperliquid Listing

chest

MOVE has seen a sharp 15% price increase after its listing on Hyperliquid, despite broader market pullbacks.

user avatarMiguel Rodriguez

World Liberty Financial Announces World Liberty Forum

chest

World Liberty Financial WLFI announces the World Liberty Forum to discuss the future of finance, technology, and regulation.

user avatarRajesh Kumar

Poland's Central Bank Plans Major Gold Purchase

chest

Poland's central bank plans to purchase 150 tons of gold, causing a surge in gold prices.

user avatarLuis Flores

CNBC Vice President Almost Falls Victim to Coinbase Phishing Scam

chest

Jason Gewirtz, CNBC's news VP, nearly fell for a Coinbase phishing scam when a caller impersonating a security representative claimed there was suspicious activity on his account.

user avatarArif Mukhtar

Avalanche Launches Build Games Competition with $1 Million Prize Pool

chest

Avalanche AVAX has launched a six-week global online competition called Build Games, offering $1 million in prizes to developers building new products and experiments on its blockchain network.

user avatarMaria Gutierrez

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.