Fake Zoom Links Used in New Crypto Theft Scheme

Scammers have already stolen more than $300,000 in crypto through a sophisticated new scam that involves fake Zoom links.

Crypto scammers are targeting NFT holders and crypto holders with a new scheme involving fake Zoom links. By sending malicious Zoom invitations, the scammers trick users into downloading malware that steals their crypto assets. Additionally, Europol has warned people of an increase in AI-assisted cybercrimes. Blockchain identity platform Fractal ID recently released a postmortem report after a data breach, while two people involved in the Forcount Ponzi scheme have pleaded guilty to charges in a New York courtroom.

Crypto scammers are once again exploiting unsuspecting victims with a new sophisticated scheme involving fake Zoom links. On July 22, non-fungible token (NFT) collector and cybersecurity engineer "NFT_Dreww" warned X users about this scam, which has already resulted in $300,000 worth of stolen cryptocurrency.

The scam targets NFT holders and crypto whales through social engineering tactics. Scammers pose as people who are interested in licensing intellectual property, invite targets to Twitter Spaces, or offer collaboration opportunities for new projects. They insist on using Zoom for meetings and send malicious links disguised as legitimate Zoom invitations.

After clicking the link, users encounter a "stuck" page with an infinite loading screen, prompting them to download and install ZoomInstallerFull.exe, which is actually malware. Running the installer then redirects the user back to the real Zoom platform, creating the illusion that the installation was legitimate. By this time, the malware has already infiltrated the user's computer, extracting data and cryptocurrency.

The malware is designed to evade detection by adding itself to the Windows Defender exclusion list, preventing antivirus systems from blocking it. During this time, the user is distracted by the loading page and the process of accepting terms and conditions. 
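A defender-side check for the exclusion-list behaviour described above, as an added example that is not part of the original article: it scans Microsoft Defender configuration-change events (event ID 5007) for newly added exclusions and flags those in user-writable locations. The event records, user name, file locations and the triage heuristic are constructed assumptions; the article does not say which path the malware excludes.

```python
import re
from pathlib import PureWindowsPath

# Registry location Defender reports in event ID 5007 when an exclusion is added.
ADDED = re.compile(
    r"New value:\s*HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions"
    r"\\(Paths|Processes|Extensions)\\(.+?)\s*=\s*0x0\s*$",
    re.IGNORECASE | re.MULTILINE,
)
# Assumed triage heuristic: exclusions under user-writable folders are suspect.
USER_WRITABLE = {"downloads", "appdata", "temp", "desktop", "public"}

def is_suspicious(kind, value):
    """Flag executable-type extensions, whole drives and user-writable folders."""
    if kind == "extensions":
        return value.lower().lstrip(".") in {"exe", "dll", "ps1"}
    parts = [p.lower() for p in PureWindowsPath(value).parts]
    whole_drive = len(parts) == 1 and parts[0].endswith("\\")
    return whole_drive or any(p in USER_WRITABLE for p in parts)

def exclusion_additions(events):
    """Return one finding per 5007 event whose 'New value' line adds an exclusion."""
    findings = []
    for ev in events:
        m = ADDED.search(ev["message"]) if ev["id"] == 5007 else None
        if m:
            kind, value = m.group(1).lower(), m.group(2).strip()
            findings.append({"time": ev["time"], "kind": kind, "value": value,
                             "suspicious": is_suspicious(kind, value)})
    return findings

# Constructed sample records (not from a real host). The message text is modelled
# on the Defender operational log; verify the format against your own events.
HEAD = "Microsoft Defender Antivirus Configuration has changed.\n"
KEY = r"HKLM\SOFTWARE\Microsoft\Windows Defender"
SAMPLE_EVENTS = [
    {"time": "2024-07-22T10:01:07Z", "id": 5007, "message": HEAD + "Old value: \nNew value: "
     + KEY + r"\Exclusions\Paths\C:\Users\alice\Downloads\ZoomInstallerFull.exe = 0x0"},
    {"time": "2024-07-22T10:05:00Z", "id": 1116, "message": "Unrelated detection event"},
    {"time": "2024-07-22T11:30:12Z", "id": 5007, "message": HEAD + "Old value: \nNew value: "
     + KEY + r"\Exclusions\Paths\C:\Program Files\Backup Agent = 0x0"},
    # Removal of an exclusion: the key appears under 'Old value', so it is not reported.
    {"time": "2024-07-22T12:00:00Z", "id": 5007, "message": HEAD + "Old value: "
     + KEY + r"\Exclusions\Paths\C:\Temp = 0x0" + "\nNew value: "},
]

if __name__ == "__main__":
    for f in exclusion_additions(SAMPLE_EVENTS):
        print("REVIEW" if f["suspicious"] else "ok    ", f["time"], f["kind"], f["value"])
```

On a live Windows host, the same events are in the "Microsoft-Windows-Windows Defender/Operational" log, and the exclusions currently in force can be listed with `Get-MpPreference`.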

The scammers also continuously change domain names to avoid being flagged. In fact, they are already using their fifth domain for the scam.

Social engineering scams in the crypto world are nothing new, but they are constantly evolving and getting better. Recently, several members of the crypto community have reported receiving malicious emails from scammers impersonating other crypto influencers and executives. These emails contain attachments that are designed to install crypto-stealing malware if executed.

Europol Warns of AI-Driven Cybercrime Surge

Unfortunately, social engineering scams are not the only threat to the community. The European Union Agency for Law Enforcement Cooperation (Europol) predicts an increase in artificial intelligence-assisted cybercrimes, according to its annual “Internet Organised Crime Threat Assessment (IOCTA) 2024” report.

The agency stated that AI tools make it possible for non-technical people to execute very sophisticated online crimes, lowering the entry barrier for bad actors. AI-generated deepfakes and false advertisements are increasingly used to target victims globally. Even more concerning, future developments in deepfake technology could lead to severe crimes like sexual extortion.

Catherine De Bolle, Europol's executive director, placed some emphasis on the need for law enforcement to develop robust capabilities to fight back against these threats, including improving human resources and technical skills.

The IOCTA report also raised concerns about certain aspects of the crypto ecosystem, particularly NFTs and Bitcoin exchange-traded funds (ETFs). While large-scale fraud involving NFTs has not yet been seen or identified, the adoption of Bitcoin ETFs could expose inexperienced people to scams. Companies issuing crypto ETFs will need to hold large reserves, making them very attractive targets for fraudsters.

Europol recently seized $46 million worth of crypto assets from the crypto mixer ChipMixer, which was allegedly involved in money laundering activities. Blockchain investigator ZachXBT previously claimed that the hackers of the defunct crypto exchange FTX laundered 360 BTC through ChipMixer after a $372 million exploit. 

ChatGPT Mimics Biden Post

The real power of AI was recently made clear after the X account for OpenAI’s ChatGPT humorously replicated a post by United States President Joe Biden, which was widely interpreted as "I’m sick" in relation to his recent positive COVID-19 diagnosis. ChatGPT’s post on July 20 elaborated, "of general intelligence not being ubiquitous and too cheap to meter." 

This came two days after Biden's similar "I’m Sick" post, where he accused Elon Musk of trying to "buy the election" by donating $45 million a month to a pro-Trump political action committee.

Biden’s post coincided with his announcement that he tested positive for COVID-19 on July 18. Despite the diagnosis, Biden assured the public that he felt good and would continue working while isolating. This all happened amid calls from some Democratic Party members for Biden to step aside in the 2024 election.

The tech trade group Chamber of Progress also urged Biden in a July 9 letter to support comprehensive crypto regulation to improve his chances in the 2024 presidential election. They argued that Biden could still win the cryptocurrency issue against Donald Trump, who reversed his stance on crypto.

Fractal ID Shares Postmortem

Meanwhile, blockchain identity platform Fractal ID has published a postmortem with some details about a data breach that happened on July 14. The breach was traced back to a 2022 incident where an employee reused a compromised password.

The breached account belonged to an operator with admin rights, which allowed the attacker to bypass internal data privacy systems. System monitoring did end up locking out the attacker within 29 minutes. The root cause of the breach was the operator’s failure to follow operational security policies and the reuse of credentials from past hacks.

On July 14, 2024, Fractal ID detected unusual activity in its back offices, which was identified as a malicious attack leading to data exfiltration for approximately 0.5% of its user base. In response to this, Fractal ID disabled all accounts in the compromised system and limited access to senior employees only. 

The company prioritized improving security measures, including implementing request throttling, finer-grained authorization, tighter monitoring of failed authentication attempts, and stricter IP control. Fractal ID also contacted data protection authorities and the cybercrime police division in Berlin. They engaged with cybersecurity services to monitor for the potential distribution of stolen data. 

The breach affected around 6,300 users, with data ranging from proof-of-personhood checks to complete KYC checks, including names, email addresses, phone numbers, wallet addresses, physical addresses, and images of uploaded documents. Fractal ID informed the affected users directly.

This incident was not an anomaly, as a similar event happened on June 27. Autix10, another crypto ID provider, exposed its online administrative login details. However, in Autix10’s case, the attacker did not access any customer data.

Two Involved in Forcount Ponzi Scheme Plead Guilty

Luckily, some of those who take advantage of the crypto community still come face to face with justice. Two people who were involved in the Forcount crypto Ponzi scheme have pleaded guilty to charges in a New York courtroom. 

On July 22, at the United States District Court for the Southern District of New York, Antonia Perez Hernandez and Nestor Nunez admitted to conspiracy to commit wire fraud related to the Forcount scheme. From 2017 to 2021, Hernandez, Nunez, and others allegedly defrauded $8.4 million from mostly Spanish-speaking investors by promoting crypto trading and mining on Forcount, promising big returns.

Among the five defendants charged in 2022, Juan Tacuri also pleaded guilty. As a promoter, Tacuri traveled across the US, hosting presentations to recruit investors. He agreed to forfeit close to $4 million and properties bought with victims’ money as part of an announced deal with prosecutors.

Judge Analisa Torres is expected to sentence Tacuri on Sept. 24. So far, no sentencing hearing is scheduled for Nunez or Hernandez. The remaining defendants, Francisley Da Silva and Ramon Perez, have not entered guilty pleas and are awaiting trial.

The Forcount guilty pleas are part of a series of criminal cases brought by US authorities against people involved with crypto firms. Former FTX CEO Sam Bankman-Fried is serving 25 years in prison after a 2023 conviction for fraud related to the misuse of customer funds at the crypto exchange. Former Binance CEO Changpeng Zhao will likely be in prison until October after a guilty plea and a four-month sentence for violating US money laundering laws.