A new form of cyberattack has been discovered that uses fake video conferencing software to launch address poisoning attacks and steal crypto assets from community members. SlowMist founder Yu Xian has warned the community after receiving a report from a victim.
Scammers can pose as employees
A community member with the account name maxlin.eth reported that he was the target of a scam. The scammer was posing as a human resources employee of xLabs, an infrastructure development company. The scammer approached him via Telegram and offered a supposed role as a marketing specialist. xLabs’ reputation inspired trust in the victim, making the scam seem credible.
Instead of using common methods like sending malicious software links directly, the scammers conducted a fake job interview via Zoom. After about half an hour, they switched to another meeting software called Meetly, under the pretense that someone using Telegram could not join via Zoom.
When clicking on the Meetly link, the victim saw a realistic-looking conference screen with no sound. The scammers then asked him to download the software to his computer. After installing the application, it kept crashing. This turned out to be a trick; the software had already been downloaded and the session was terminated.
The victim later discovered that the shared link was widely known to be fraudulent. Upon further checking xLabs’ official website and LinkedIn profiles, he found no employees with the names of those who had contacted him. Furthermore, the company did not have a vacancy for a marketing specialist. Thanks to these findings, the user was able to transfer his crypto assets to different wallets and thus prevent potential theft.
Scam reminiscent of previous hack
This scam is reminiscent of a previous hack at MonoSwap, a decentralized exchange and staking platform. On July 23, a MonoSwap developer was tricked into installing malicious software, allowing hackers to access the DEX’s wallets and contracts and steal staked liquidity.
Yu Xian urges the community to remain vigilant and not use unknown software for video conferencing. Always verify the legitimacy of such requests before downloading or installing any software.
Source: https://newsbit.nl/nep-videoconferentiesoftware-gebruikt-voor-crypto-diefstal/