Source: http://www.bee.com/vi/37762.html

How did a fake zoom link successfully steal 1M funds? | Bee Network

Analysis | 1 year ago (2024) | Wyatt

When I woke up in the morning, I saw several WeChat groups spreading the news that @lsp8940 encountered a fake zoom link and 1M USD was stolen (https://x.com/lsp8940/status/1871350801270296709). This reminded me that I encountered a similar thing on the 18th. At that time, a foreigner sent me a private message asking for cooperation. We communicated several times and then made an appointment to chat in a zoom meeting at 9 pm. When the time came, the foreigner sent me a link to a conference room, as shown below

https://app.us4zoom.us/j/8083344643?pwd= seyuvstpldar 6ugeEtcGGury 936 qBCQr #success

(Important reminder, this is a phishing link, don't click! Don't click! Don't click!)

I felt a little strange when I saw this link. The domain name was us4zoom, which looked a bit irregular, but I had never used zoom before so I was not sure. Then I searched on Google and Perplexity and found that the official website was zoom.us, which did not match the domain name given by the scammer.
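The domain comparison described above can be automated. The following is an added example, not part of the original article: it compares the host of a meeting link against the official domain on whole DNS labels, and shows why looking for the word "zoom" is not enough. The allow-list and the sample links are assumptions constructed for illustration; only the us4zoom hostname comes from the article.

```python
from urllib.parse import urlsplit

# Assumption: the only trusted domain is the official one the article names.
OFFICIAL_DOMAINS = {"zoom.us"}


def naive_check(url):
    """What a hurried reader does: look for the brand name anywhere."""
    return "zoom" in url.lower()


def is_official_link(url, allowed=OFFICIAL_DOMAINS):
    """True only for an https URL whose host is an allowed domain or a
    subdomain of one, compared on whole DNS labels."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
        # Non-ASCII lookalike letters become xn-- labels and stop matching.
        host = host.encode("idna").decode("ascii").lower()
    except ValueError:  # malformed URL or hostname that cannot be encoded
        return False
    if parts.scheme != "https" or not host:
        return False
    return any(host == d or host.endswith("." + d) for d in allowed)


# Constructed test links; only the us4zoom hostname comes from the article.
SAMPLES = [
    "https://app.us4zoom.us/j/0000000000",    # lookalike label
    "https://us02web.zoom.us/j/0000000000",   # subdomain of the official domain
    "https://zoom.us@meet.example.test/j/1",  # brand placed in the userinfo part
    "https://zoom.us.example.test/j/1",       # brand used as a subdomain
]


def classify(urls=SAMPLES):
    """Map each URL to (naive result, strict result)."""
    return {u: (naive_check(u), is_official_link(u)) for u in urls}


if __name__ == "__main__":
    for url, (naive, strict) in classify().items():
        print(f"naive={naive!s:5} strict={strict!s:5} {url}")
```

The naive check accepts all four sample links, while the label-based check accepts only the genuine subdomain.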

The link provided by the scammer will download an installation package. The downloaded file is a bit small and is much smaller than the normal installation package size, as shown below

When you open the fake zoom installation package, you will find an obvious problem. Normal software installation basically asks you to click Continue all the way, and then the installation is completed. For example, the interface of the real zoom installation package is as shown in the figure

The installation interface of the fake zoom installation package is as follows

What the hell is this? Why do they ask us to drag the Zoom.file file into the terminal to execute it? This is obviously a problem. I opened Zoom.file with a text editor and found that it was a bash script, but I couldn't understand the content at all. It looked like it was encrypted.

But I was not afraid. I threw the entire content to GPT and asked GPT to help me analyze the script.

GPT told me that this code was hidden by Base64 encoding. After decoding, I found that the main function of this script is to copy the Trojan file .ZoomApp from the installation package to the /tmp directory for execution. Because this Trojan file is hidden, it is not visible by default.
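The decoding step can also be done locally, without running the script or pasting it into a chat service. The following is an added example, not part of the original article: it treats a suspicious installer script purely as text, peels nested Base64 layers, and flags the behaviours described above (a hidden dot-file, staging in /tmp, marking a file executable). The sample script, the 24-character threshold and the indicator patterns are assumptions constructed for illustration; the real Zoom.file is not reproduced here.

```python
import base64
import binascii
import re

# Long runs of the base64 alphabet; the 24-character floor is an assumption.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

# Behaviours the article attributes to Zoom.file, as regexes over decoded text.
INDICATORS = {
    "writes_to_tmp": re.compile(r"/tmp/"),
    "hidden_file": re.compile(r"(?:^|[\s/\"'])\.[A-Za-z][\w.-]*"),
    "marks_executable": re.compile(r"\bchmod\s+\+x\b"),
}


def decode_layers(text, max_depth=5):
    """Decode base64 runs recursively and return the readable layers.

    Nothing is executed: the script is only ever treated as text.
    """
    layers = []
    if max_depth == 0:
        return layers
    for run in B64_RUN.findall(text):
        try:
            decoded = base64.b64decode(run, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not base64 after all, or a binary payload
        if all(c.isprintable() or c in "\r\n\t" for c in decoded):
            layers.append(decoded)
            layers.extend(decode_layers(decoded, max_depth - 1))
    return layers


def triage(script_text):
    """Return decoded layers plus the indicator names seen in any layer."""
    layers = decode_layers(script_text)
    haystack = "\n".join([script_text, *layers])
    hits = sorted(n for n, rx in INDICATORS.items() if rx.search(haystack))
    return {"decoded_layers": layers, "indicators": hits}


# Constructed sample, not the real Zoom.file: one encoded blob in a variable.
INNER = "cp ./.ZoomApp /tmp/.ZoomApp; chmod +x /tmp/.ZoomApp"
SAMPLE = '#!/bin/bash\nPAYLOAD="%s"\n' % base64.b64encode(INNER.encode()).decode()

if __name__ == "__main__":
    report = triage(SAMPLE)
    for layer in report["decoded_layers"]:
        print("decoded:", layer)
    print("indicators:", report["indicators"])
```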

The analysis of this Trojan file is beyond my ability, and GPT cannot provide practical help. This part of the analysis needs to be handed over to professional security personnel. However, it can be speculated that this Trojan will scan key files for upload, such as the local files of the browser plug-in wallet. I remember that back in '21 the private key could be recovered from the local files of MetaMask, provided that the set password is known or brute-force cracking is used.

We can draw several conclusions from this incident:

1. The scammers are casting a wide net. @cutepanda web3 also tweeted today that he encountered the same scam.

2. This is the same scammer. From @lsp8940's replay tweet, we can see that the fake zoom meeting links we both received are exactly the same.

https://x.com/lsp8940/status/1871426071499100630

3. Be cautious about private messages from strangers on Twitter, especially if the stranger has never tweeted and your mutual friends don't follow him.

4. Try to set the browser plug-in wallet password to be more complex, so that when the browser plug-in file is leaked, it will increase the difficulty of cracking.

Safety is no small matter, I hope everyone will avoid falling into traps.
