Crypto Scammers Steal Over $6 Million Using Fake Zoom Link

加密货币诈骗者利用虚假 Zoom 链接窃取超过 600 万美元

On November 11, scammers exploited a phishing attack to drain approximately $6.09 million worth of the meme coin Gigachad (GIGA) from an investor known as 'Still in the Game.' The attack involved a malicious link disguised as a Zoom meeting invitation.

11 月 11 日，诈骗者利用网络钓鱼攻击从一位名为“Still in the Game”的投资者那里盗取了价值约 609 万美元的模因币 Gigachad (GIGA)。此次攻击涉及伪装成 Zoom 会议邀请的恶意链接。

Clicking the link downloaded malware onto the victim's laptop, granting the attackers remote access to their funds. According to blockchain monitoring service Onchain Lens, the attackers targeted three wallets and stole 95.27 million GIGA but only managed to sell it for 11,759 SOL ($2.1 million).

单击该链接会将恶意软件下载到受害者的笔记本电脑上，从而使攻击者能够远程访问其资金。根据区块链监控服务 Onchain Lens 的数据，攻击者瞄准了 3 个钱包，窃取了 9527 万个 GIGA，但仅以 11,759 SOL（210 万美元）的价格出售。

The SOL was converted into USDT and USDC stablecoins, then transferred to a separate address. Additionally, 700 SOL was sent to the centralized exchange KuCoin.

SOL 被转换为 USDT 和 USDC 稳定币，然后转移到单独的地址。此外，还有700 SOL被发送至中心化交易所KuCoin。

Despite clarification from the victim that the sell-off was a consequence of the phishing attack, GIGA has lost over 15% and was trading at $0.049 at press time.

尽管受害者澄清抛售是网络钓鱼攻击的结果，但 GIGA 的损失超过 15%，截至发稿时交易价格为 0.049 美元。

The Federal Bureau of Investigation (FBI) and a forensics team are investigating the incident to recover the stolen funds.

联邦调查局 (FBI) 和取证小组正在调查这一事件，以追回被盗资金。

Crypto investigation firm Scam Sniffer emphasizes the similarity between legitimate and malicious Zoom links, highlighting the importance of vigilance. Scammers often employ social engineering tactics to gain trust and entice victims to click malicious links.

加密货币调查公司 Scam Sniffer 强调合法和恶意 Zoom 链接之间的相似性，强调保持警惕的重要性。诈骗者经常采用社会工程策略来获得信任并诱使受害者点击恶意链接。

Earlier in the year, a cybersecurity engineer reported a similar attack targeting non-fungible token (NFT) holders, involving fake Zoom invitations leading to a compromised webpage.

今年早些时候，一名网络安全工程师报告了一次针对非同质代币 (NFT) 持有者的类似攻击，涉及伪造的 Zoom 邀请，导致网页遭到破坏。

Crypto phishing scams have become increasingly sophisticated, leading to substantial losses. According to blockchain analytics firm CertiK, over $750 million was lost to phishing in the third quarter of 2024. Recent high-profile attacks include the theft of $35 million from a VC fund and $55 million in DAI from a whale wallet, both resulting from approval phishing scams.

加密货币网络钓鱼诈骗变得越来越复杂，导致巨大损失。根据区块链分析公司 CertiK 的数据，2024 年第三季度网络钓鱼造成了超过 7.5 亿美元的损失。最近备受瞩目的攻击包括从风险投资基金中盗窃 3500 万美元，从鲸鱼钱包中盗窃 5500 万美元的 DAI，这两项攻击都是在批准后造成的网络钓鱼诈骗。