DeFi Phishing Attack : How a Fake Zoom App Stole $1M
The post DeFi Phishing Attack : How a Fake Zoom App Stole $1M appeared first on Coinpedia Fintech News
An old miner of DeFi recently became a victim of a phishing attack, where malware in the form of a fake Zoom app sucked $ 1 million out of the DeFi user’s wallet.
The Attack Unfolds
The victim described how he had received a direct message from the attacker starting what appeared to be a normal conversation through the Twitter page. The attack started with a threat actor impersonating the CEO of a real crypto project and introducing themselves by mentioning people the receiver knew.
The attacker suggested the next step should be scheduling a meeting to talk about project development via ZOOM; the link to the Zoom meeting was also shared.
Believing the request, the victim tried to reinstall the Zoom app as the fake webpage demanded it. As a result, having downloaded and opened the link, they unleashed malware that was to capture wallet credentials and private keys.
The victim only came to find out about the loss when their Twitter account had been hacked and their crypto wallet emptied.
Even though the victim is a rather experienced DeFi user and miner, he confessed that the loss occurred due to a single moment of inattention
Rising Threat of Malware in Crypto
The attack is not an isolated event but one of the many malware attacks focused on users of cryptocurrencies. Hackers like those who registered us04-zoom[.]us domain-level tricks to ensure that unsuspecting individuals install malware on their devices. Such phishing campaigns usually take advantage of familiar tactics like popular platforms Zoom to reduce guard.
Security Measures That Crypto Users Should Undertake
To mitigate the risk of such attacks, experts recommend the following precautions:
- Verify sources: It is always important to verify the authenticity of links and downloading sources in a particular common application such as Zoom or Twitter.
- Run security scans: Some malware sneaks into the computer through downloaded files, so make sure downloads are scanned before installation using a reliable antivirus.
- Enable 2FA: Increase account security by also implementing two-factor authentication for all accounts.
- Stay sceptical: Do not interact with spam texts or chats even from your ‘friends,’ or ‘followers.’
Let this serve as a stark reminder: the world of DeFi is no different, and being just once careless can lead to terrible outcomes. Stay alert, stay secure!
Never Miss a Beat in the Crypto World!
Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.