Crypto Scammers Steal Over $6 Million Using Fake Zoom Link
On November 11, scammers exploited a phishing attack to drain approximately $6.09 million worth of the meme coin Gigachad (GIGA) from an investor known as 'Still in the Game.' The attack involved a malicious link disguised as a Zoom meeting invitation.
Clicking the link downloaded malware onto the victim's laptop, granting the attackers remote access to their funds. According to blockchain monitoring service Onchain Lens, the attackers targeted three wallets and stole 95.27 million GIGA but only managed to sell it for 11,759 SOL ($2.1 million).
The SOL was converted into USDT and USDC stablecoins, then transferred to a separate address. Additionally, 700 SOL was sent to the centralized exchange KuCoin.
Despite clarification from the victim that the sell-off was a consequence of the phishing attack, GIGA has lost over 15% and was trading at $0.049 at press time.
The Federal Bureau of Investigation (FBI) and a forensics team are investigating the incident to recover the stolen funds.
Crypto investigation firm Scam Sniffer emphasizes the similarity between legitimate and malicious Zoom links, highlighting the importance of vigilance. Scammers often employ social engineering tactics to gain trust and entice victims to click malicious links.
Earlier in the year, a cybersecurity engineer reported a similar attack targeting non-fungible token (NFT) holders, involving fake Zoom invitations leading to a compromised webpage.
Crypto phishing scams have become increasingly sophisticated, leading to substantial losses. According to blockchain analytics firm CertiK, over $750 million was lost to phishing in the third quarter of 2024. Recent high-profile attacks include the theft of $35 million from a VC fund and $55 million in DAI from a whale wallet, both resulting from approval phishing scams.