DeFi Phishing Attack: How a Fake Zoom App Stole $1M
Story Highlights
- A DeFi miner loses $1M in a phishing attack via a fake Zoom app, highlighting rising malware threats in cryptocurrency security.
- Phishing scams in DeFi escalate: $1M stolen through malware, stressing the need for vigilance, 2FA, and verifying links in 2024.
A long-time DeFi miner recently fell victim to a phishing attack in which malware disguised as a fake Zoom app drained $1 million from the user's wallet.
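When it rains, it pours.
I got up this morning and found my Twitter had been stolen; after recovering Twitter, I found my wallet had been stolen too, a loss of 1 M Usd0++. The money probably can't be recovered.
How it happened: last night the hacker set up an impersonating Twitter account that looked fine at a glance and, going by my Twitter interactions, pretended I am XX…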
— Lsp (@lsp8940) December 24, 2024
The Attack Unfolds
The victim described how he had received a direct message on Twitter from the attacker, opening what appeared to be a normal conversation. The threat actor impersonated the CEO of a real crypto project and introduced themselves by mentioning people the victim knew.
The attacker then suggested scheduling a meeting over Zoom to discuss project development, and shared a link to the Zoom meeting.
Trusting the request, the victim tried to reinstall the Zoom app because the fake webpage demanded it. By downloading and opening what the link offered, he unleashed malware designed to capture wallet credentials and private keys.
The victim discovered the loss only when he found that his Twitter account had been hacked and his crypto wallet emptied.
Even though the victim is a rather experienced DeFi user and miner, he admitted that the loss came down to a single moment of inattention.
Rising Threat of Malware in Crypto
The attack is not an isolated event but one of many malware attacks aimed at cryptocurrency users. Hackers, like those who registered the us04-zoom[.]us domain, use domain-level tricks to get unsuspecting individuals to install malware on their devices. Such phishing campaigns usually exploit the familiarity of popular platforms like Zoom to lower the target's guard.
Security Measures That Crypto Users Should Undertake
To mitigate the risk of such attacks, experts recommend the following precautions:
- Verify sources: Always verify the authenticity of links and download sources, particularly for common applications such as Zoom or Twitter.
- Run security scans: Some malware reaches a computer through downloaded files, so scan downloads with a reliable antivirus before installation.
- Enable 2FA: Increase account security by enabling two-factor authentication on all accounts.
- Stay sceptical: Do not interact with spam texts or chats, even from your 'friends' or 'followers'.
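As an added example (not part of the original article), the "verify sources" advice can be turned into a hostname check that accepts a link only when it sits under a trusted domain and flags any other use of the brand name, which is the pattern behind us04-zoom[.]us. The trusted-domain list, the function names and the sample links are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Assumption: the domains you actually trust for Zoom links and downloads.
TRUSTED_DOMAINS = ("zoom.us", "zoom.com")
# Brand words that should only ever appear under a trusted domain.
BRAND_TOKENS = ("zoom",)


def refang(url: str) -> str:
    """Undo common defanging (hxxp, [.]) so the URL can be parsed."""
    return url.strip().replace("[.]", ".").replace("hxxp", "http")


def classify_link(url: str) -> str:
    """Return 'trusted', 'suspicious' or 'unrelated' for a link."""
    url = refang(url)
    if "://" not in url:
        url = "//" + url  # let urlsplit treat a bare host as the netloc
    parts = urlsplit(url)
    # .hostname drops userinfo and port and lowercases the name.
    host = (parts.hostname or "").rstrip(".")
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    # The brand appearing anywhere else in the authority (hyphenated into
    # another domain, as a subdomain label, or in the user@ part) is the
    # lookalike pattern.
    authority = parts.netloc.lower()
    if any(token in authority for token in BRAND_TOKENS):
        return "suspicious"
    return "unrelated"


# Constructed sample links; only us04-zoom[.]us comes from the article.
SAMPLES = [
    "https://us04web.zoom.us/j/0000000000",
    "hxxps://us04-zoom[.]us/j/0000000000",
    "https://zoom.us.meeting.example/join",
    "https://zoom.us@files.example/ZoomInstaller",
    "https://example.org/docs",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):<10} {link}")
```

The check compares the parsed hostname rather than the visible link text, so a familiar-looking prefix does not earn trust; it does not catch lookalikes that avoid the brand string altogether, such as homoglyph names.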
Let this serve as a stark reminder: the world of DeFi is no different, and a single careless moment can lead to terrible outcomes. Stay alert, stay secure!