• Expert warns of fake Zoom links that target NFT and crypto investors, stealing $300,000 so far.
  • Scammers use sophisticated malware disguised as Zoom updates to bypass antivirus protection.

On July 22, NFT collector and cybersecurity expert "NFT_Dreww" warned X users about a highly advanced crypto scam using fake Zoom links. He mentioned that the scammers had already stolen $300,000 worth of cryptocurrency using this method.

According to Drew, scammers often target NFT holders or large cryptocurrency investors. They pose as interested parties wanting to license intellectual property or invite targets to join Twitter Spaces or new project teams. 

Next up, insisting on using Zoom, they rush the target to join an ongoing meeting using a subtly malicious link. And even if you already have Zoom installed, the scam will redirect you to what looks like a Zoom page stuck in an endless loading loop. It tricks you into downloading "ZoomInstallerFull.exe" under the guise of a legitimate update or fix. 

The process appears authentic, with prompts to accept the terms and conditions and start the download. After downloading, the page may continue to spin, creating the impression of a slow or glitchy process. And eventually, it redirects you to the genuine zoom.us website, making it seem like the issue was resolved normally. 

However, during this time, malicious software has already been installed on your system. It also puts itself on the Windows Defender list so antivirus programs won't stop it. 

This stealthy tactic allows attackers to access sensitive information and potentially steal cryptocurrency without your awareness. Additionally, the scammers keep on switching domain names frequently to avoid detection.

Crypto scams aren’t something new. Over the last couple of years, the number of crypto scams has increased significantly. Recently, the Indian cryptocurrency exchange, WazirX fell prey to a hack that resulted in $235 million worth of funds stolen.

Edited by Harshajit Sarmah