BlockBeats News, December 15th, the cybersecurity nonprofit organization Security Alliance warned that they are currently detecting multiple scam attempts by North Korean hackers every day, and these attacks lure victims through fake Zoom meetings.
The scam involves enticing the victim to download malware during a “fake Zoom call,” thereby stealing sensitive information including passwords and private keys. Security researcher Taylor Monahan warned that this tactic has siphoned off over $300 million in assets from users.
The scam usually starts with a message from a Telegram account, often belonging to someone the victim “knows.” Due to the familiar identity, the victim lowers their guard. Subsequently, the conversation naturally transitions to an invitation for a “Zoom catch-up.” Once the call begins, the hacker pretends to have audio issues and sends a so-called “patch file.” When the victim opens this file, malware is implanted on their device. The hacker then ends this fake call citing a “rain check for another day.”
