Cybercriminals Target Cryptocurrency Business Owners through Zoom Platform
North Korean Hackers Exploit Zoom for Cryptocurrency Heists
North Korean hacking groups are allegedly flooding the digital space with fake investment and partnership offers, using Zoom as a platform to trick cryptocurrency project founders out of their sensitive data.
On March 11, 2025, Nick Bax from Security Alliance revealed that this tactic has facilitated the theft of "tens of millions of dollars" from unsuspecting victims.
The scam starts with a few "venture capitalists" on a Zoom call, with messages in the chat about audio issues or suggesting there's a problem with the video feed. At this point, the hackers will provide a link to a different Zoom conference, pretending it's a solution for the audio issues.
An expert explained further: scammers exploit human psychology by convincing victims that they are meeting important venture capitalists and pressing them to rush to fix the supposed sound problem, which makes them less cautious than usual. Once the alleged fix is downloaded and installed, the victim's sensitive data is exposed.
Bax advised anyone who realizes they have made this mistake to immediately disconnect the device from the internet, turn it off, and contact specialists if necessary.
Julio Ksilyannis, co-founder of Mon Protocol, confirmed that scammers attempted to deceive him and the head of marketing, with the contact posing as the CEO of Story Protocol and immediately mentioning sound issues. Ksilyannis was asked to follow a new Zoom link and urged to run the proposed fix.
David Zhang, co-founder and CTO of Stably, shared his experience with a similar situation, remarking: "Another day, another North Korean scammer." Other entrepreneurs, such as Melvin Thomas from Devdock AI, also reported suspected hacker actions.
Hackers from the North Korean Lazarus Group are also launching new attacks on the GitHub platform, aiming to target cryptocurrencies. To strengthen defenses, consider implementing multi-factor authentication, enhancing Zoom security settings, using secure communication channels, educating team members on phishing, monitoring for suspicious activity, and adopting Web3 security practices.
Because North Korean hackers are exploiting Zoom for cryptocurrency heists, be wary of unsolicited Zoom links, especially when discussing sensitive data, and back that caution with multi-factor authentication, enhanced Zoom security settings, secure communication channels, phishing education for team members, activity monitoring, and Web3 security practices.