The recent incident reported by maxlin.eth on X described how a scammer posing as an xLabs HR representative used a fake job interview to convince the victim to download malicious software called Meetly.
Crypto scammers have found a new method to deceive and steal from unsuspecting victims: fake video conferencing apps.
Recently, a user on X, known as maxlin.eth, reported encountering a sophisticated job-hunting scam. The scammer, posing as a representative from the human resources department of the infrastructure development firm xLabs, approached the user on Telegram.
❗️小心最新幣圈求職詐騙手法❗️
分享一下我找幣圈工作找到差點被詐騙的經歷
對方假冒 @xLabsxyz HR,甚至能夠跟我通話聊半小時 Xlabs 的公司願景。手法高明得可怕!
以下還原整起事件始末,希望不要有人真的上當 pic.twitter.com/XmZfo1O9oD
— maxlin.eth (@0xMaxLin) July 25, 2024
The Interview Trap
Unlike typical scams, this one involved a fake job interview conducted via a phony Zoom meeting. The victim, believing the job offer was genuine, chatted for nearly half an hour about xLabs’ vision and products. The scammer then requested a switch to a different meeting software called Meetly, citing technical difficulties with Zoom.
When the victim clicked on the provided link, they were directed to a realistic-looking conference screen but experienced technical issues. The scammer convinced the victim to download and install the Meetly software, which turned out to be malicious. Although the session ended, the application was installed.
After realizing something was amiss, the victim researched the link and found it widely reported as fraudulent. Further investigation revealed no record of the supposed xLabs employees or the offered marketing specialist position. The victim swiftly transferred their crypto assets to different wallets, averting potential theft.
Alert from Cybersecurity Experts
On July 22, in a similar fashion, NFT collector and cybersecurity engineer “NFT_Dreww” informed the community to the crypto scam involving fake Zoom links.
⛔Would you have caught this malicious Zoom link?..⛔
Scammers are getting extremely sophisticated, and have evolved their tactics to impersonate zoom which, if downloaded, takes everything from your device… Over $300K stolen so far…
Let’s dive into how this happens ⤵️⤵️… pic.twitter.com/sb1xfOE0tf
— NFT_Dreww.eth (@nft_dreww) July 22, 2024
The scammers insist on using Zoom and send a malicious link that appears legitimate. When clicked, the link opens a “stuck” page with an infinite loading screen, prompting the user to download and install a fake Zoom installer, which is actually malware. Once installed, the malware infiltrates the victim’s computer, stealing data and crypto assets.
According to technologist “Cipher0091,” the malware initially adds itself to the Windows Defender exclusion list to avoid detection. It then begins extracting information while the user is distracted by the fake loading page, as reported by CoinTelegraph.
The scammers continually change domain names to evade detection, with this being their fifth domain used for the scam.
Alarming Increase in Crypto Losses
Research from blockchain security platform Immunefi shows a dramatic increase in crypto losses from hacks and scams.
Over $572 million was lost in Q2 2024, more than double the $220 million lost in Q2 2023. Centralized exchange hacks accounted for the bulk of these losses. The biggest single loss in Q2 was a $305 million Bitcoin hack from the crypto exchange DMM on May 31.
On July 18, Indian crypto exchange WazirX lost $234 million to a hack.
Protecting Against Scams
To protect against such scams, users should:
-
Verify the legitimacy of any job offers and the identities of the individuals involved.
-
Avoid downloading software from unverified sources.
-
Use reputable security software to scan for malware.
-
Be cautious with links received via email or messaging apps, especially if they prompt software downloads.
Credit: Source link
