Multiple crypto project founders report encountering a large number of North Korean hackers' false Zoom meeting attack attempts

PANews March 13th news, according to Cointelegraph, at least three crypto project founders have reported in the past few days that they have successfully thwarted suspected North Korean hackers' attempts to steal sensitive data by forging Zoom calls. On March 11, Nick Bax, a member of the white hat hacker group "Security Alliance", posted a warning on X that North Korean scammers have used this method to steal millions of dollars from victims. Bax introduced that scammers usually use meetings or cooperation as bait to contact targets. After the call begins, they send a message pretending that there is something wrong with the audio, and play a boring VC investor video, followed by a fake new call link, lying that they need to install patches to fix the audio/video. Take advantage of people's rush to meet important people and fix the audio to induce the target to relax their vigilance. Once the patch is installed, you will be hit.

Giulio Xiloyonnis, co-founder of blockchain game Mon Protocol, said scammers tried to deceive him and marketing executives through a collaborative meeting. Fortunately, at the last moment, he realized that the Zoom link provided was a scam, which lied that it could not read the audio, inducing the installation of malware. David Zhang, co-founder of the U.S. venture-backed stablecoin Stably, is also one of the targets. The scammer used his Google Meet link but then fabricated an excuse for internal meetings and asked him to join. Zhang said the site seemed normal for Zoom calls, but he answered on a tablet and was not sure what would happen on the desktop. Melbin Thomas, founder of Devdock AI, a decentralized artificial intelligence platform for Web3 project, also encountered this scam, and he is not sure whether the technology is still in danger. Thomas said that although he did not enter the password during the installation process, he had disconnected the laptop and reset it to factory settings. He just transferred the files to the hard drive and had not reconnected it. He did not know whether the hard drive had been infected.

In addition, earlier today, blockchain security company CertiK said that after a series of high-profile hacking, Lazarus Group was found to use a coin mixer to transfer crypto assets and has detected deposits of 400 Ethereum to the Tornado Cash coin mixing service, worth about $750,000.