Crypto Scammers Steal Over $6 Million Using Fake Zoom Link

加密貨幣詐騙者利用虛假 Zoom 連結竊取超過 600 萬美元

On November 11, scammers exploited a phishing attack to drain approximately $6.09 million worth of the meme coin Gigachad (GIGA) from an investor known as 'Still in the Game.' The attack involved a malicious link disguised as a Zoom meeting invitation.

11 月 11 日，詐騙者利用網路釣魚攻擊從一位名為「Still in the Game」的投資者那裡盜取了價值約 609 萬美元的迷因幣 Gigachad (GIGA)。此次攻擊涉及偽裝成 Zoom 會議邀請的惡意連結。

Clicking the link downloaded malware onto the victim's laptop, granting the attackers remote access to their funds. According to blockchain monitoring service Onchain Lens, the attackers targeted three wallets and stole 95.27 million GIGA but only managed to sell it for 11,759 SOL ($2.1 million).

點擊該連結會將惡意軟體下載到受害者的筆記型電腦上，使攻擊者能夠遠端存取其資金。根據區塊鏈監控服務 Onchain Lens 的數據，攻擊者瞄準了 3 個錢包，竊取了 9527 萬個 GIGA，但僅以 11,759 SOL（210 萬美元）的價格出售。

The SOL was converted into USDT and USDC stablecoins, then transferred to a separate address. Additionally, 700 SOL was sent to the centralized exchange KuCoin.

SOL 被轉換為 USDT 和 USDC 穩定幣，然後轉移到單獨的地址。此外，還有700 SOL被送到中心化交易所KuCoin。

Despite clarification from the victim that the sell-off was a consequence of the phishing attack, GIGA has lost over 15% and was trading at $0.049 at press time.

儘管受害者澄清拋售是網路釣魚攻擊的結果，但 GIGA 的損失超過 15%，截至發稿時交易價格為 0.049 美元。

The Federal Bureau of Investigation (FBI) and a forensics team are investigating the incident to recover the stolen funds.

聯邦調查局 (FBI) 和取證小組正在調查這起事件，以追回被盜資金。

Crypto investigation firm Scam Sniffer emphasizes the similarity between legitimate and malicious Zoom links, highlighting the importance of vigilance. Scammers often employ social engineering tactics to gain trust and entice victims to click malicious links.

加密貨幣調查公司 Scam Sniffer 強調合法和惡意 Zoom 連結之間的相似性，強調保持警惕的重要性。詐騙者經常採用社會工程策略來獲得信任並誘使受害者點擊惡意連結。

Earlier in the year, a cybersecurity engineer reported a similar attack targeting non-fungible token (NFT) holders, involving fake Zoom invitations leading to a compromised webpage.

今年早些時候，一名網路安全工程師報告了一次針對非同質代幣 (NFT) 持有者的類似攻擊，涉及偽造的 Zoom 邀請，導致網頁遭到破壞。

Crypto phishing scams have become increasingly sophisticated, leading to substantial losses. According to blockchain analytics firm CertiK, over $750 million was lost to phishing in the third quarter of 2024. Recent high-profile attacks include the theft of $35 million from a VC fund and $55 million in DAI from a whale wallet, both resulting from approval phishing scams.

加密貨幣網路釣魚詐騙變得越來越複雜，導致巨大損失。根據區塊鏈分析公司CertiK 的數據，2024 年第三季網路釣魚造成了超過7.5 億美元的損失。美元的DAI，這兩項攻擊都是在批准後造成的網路釣魚詐騙。