Crypto scammers stole over $6 million from a meme coin investor using a fake Zoom meeting link that was part of a phishing attack.
On Nov. 11, scammers drained approximately $6.09 million worth of the meme coin Gigachad (GIGA) from a whale investor after tricking them into clicking a malicious link that impersonated a Zoom meeting invitation.
The victim, who identifies as ‘Still in the Game’ on X, said the link led to malware being downloaded on their laptop, which allowed the attacker to drain the funds.
In its post-attack report, blockchain monitoring service Onchain Lens said the attacker managed to drain three different wallets for 95.27 million GIGA but only managed to sell it for 11,759 SOL, worth $2.1 million leading the price of the meme coin to crash from $0.63 to $0.54.
Subsequently, the attacker converted the SOL into the stablecoins USDT and USDC, transferred them to a separate address where they currently remain, and sent an additional 700 SOL “indirectly” to the centralized exchange KuCoin, according to Onchain Lens.
Although the pseudonymous victim clarified that the recent sell-off was due to the phishing attack, GIGA has since dropped over 15% and was hovering just over $0.049 at press time.
You might also like: Trader loses $1.28m in PEPE and other altcoins to Inferno Drainer-linked wallet
The United States Federal Bureau of Investigation and a forensics team are currently investigating the matter to help recover the stolen funds.
Crypto investigation firm Scam Sniffer highlighted the similarity between legitimate Zoom links and a malicious link used in a phishing attack. The fake link, “us04-zoom[.]us,” closely resembles the legitimate “us02web.zoom[.]us,” which can trick unsuspecting users into clicking it.
While this looks simple enough to spot, scammers often use social engineering tactics to gain their victims’ trust before prompting them to click these malicious links. They may pose as trusted contacts or create a sense of urgency, making it easier for unsuspecting users to overlook subtle differences in URLs.
Earlier this year, a cybersecurity engineer warned of a similar attack targeting non-fungible token holders. Scammers used links disguised as Zoom invitations, leading to a fake webpage that closely mimic the video conferencing platform. The site tricked users into installing a malware which infiltrated the victim’s computer and extracted sensitive data.
Meanwhile, crypto phishing scams have grown increasingly sophisticated over the years coming in various forms, and have led to losses of over $750 million in the third quarter of 2024 alone, according to blockchain analytics firm CertiK.
Some of the largest attacks in recent months include the theft of $35 million from a VC fund-linked wallet and $55 million in DAI siphoned from a whale wallet, both resulting from victims signing a “permit” signature as a part of an approval phishing scam.
Read more: Crypto fraud: Mbappé’s X account hacked, trader loses over $1m