PANews reported on December 27 that SlowMist posted on the X platform that investors should be wary of phishing attacks disguised as Zoom meeting links, in which attackers use the domain name "app[.]us4zoom[.]us" to impersonate a legitimate Zoom meeting link. The webpage closely mimics the real Zoom meeting interface. When the user clicks the "Start Meeting" button, it triggers the download of a malicious installation package instead of launching the local Zoom client. Hackers collect user data and decrypt it to steal sensitive information such as mnemonics and private keys. These attacks usually combine social engineering and Trojan horse techniques.