Hackers massively attacked major cryptocurrency holders through Zoom platform

North Korean hackers are attacking crypto entrepreneurs through the Zoom platform, posing as venture capitalists. The fraudsters use social engineering to trick victims into installing malware that allows them to steal confidential data and money. According to technical analyst Nick Bax of the Security Alliance, this method has already brought the attackers «tens of millions of dollars.»

The scheme works like this: hackers contact the owners of crypto projects, offering investments or partnerships. During a video call, the fraudsters report sound problems and send a new link to a Zoom conference, where they offer to download the «necessary patch» to fix the error. In fact, it’s a malicious file that allows access to the victim’s device.

One of the founders of the Web3 protocol Mon Protocol, Giulio Xiloyannis, confirmed that hackers tried to deceive his team by posing as the CEO of Story Protocol. He suspected something was wrong when he saw suspicious participants in the call. Another entrepreneur, David Zhang, CTO of the Stably project, avoided the attack because he received the call on a tablet — the hacker software was not adapted to the mobile OS.

Some victims, such as Devdock AI founder Melbin Thomas, could have been affected as well. Nevertheless, he turned off the laptop in time and reset the settings to factory defaults, but he is not sure that he has completely gotten rid of the virus.

Experts advise that if you suspect anything, you should immediately disconnect your device from the Internet, turn it off, and contact a specialist. The Zoom attacks are yet another example of how hackers from North Korea, including the Lazarus group, use social engineering to attack the crypto industry.