Kenny Li, co-founder of Manta Network, recently shared his experience of being targeted by a highly advanced phishing attack on Zoom. The attack involved fake live video calls with people he recognized, in an effort to convince him to download malware.
Although the video feed appeared legitimate with the impersonated person’s camera on, the absence of sound and a suspicious prompt to download a script immediately raised concerns. Li described the incident in an April 17 post on X, stating, “I saw their real faces, everything seemed convincing, but I couldn’t hear them. It said I needed to update Zoom, but asked me to download a script file. I left right away.”
Li attempted to verify the impersonator’s identity via a Telegram call, but they refused and quickly deleted their messages before blocking him.
Li suspects that the North Korean Lazarus Group was behind this phishing attempt. Before the conversation was erased, he managed to capture a screenshot of his exchange with the attacker, in which he had initially proposed switching to Google Meet.
He noted that the video shown during the call appeared to come from past recordings of actual team members. “It didn’t look like AI. The quality seemed to be standard webcam footage,” he said.
Li confirmed that the real individual’s accounts had indeed been compromised by the Lazarus Group.
Li cautioned others in the crypto community to be vigilant when asked to download anything unexpectedly. He emphasized that downloading any file, whether it’s presented as an update, attachment, or app, should always raise suspicion.
He explained, “The biggest red flag will always be a download request. If you’re asked to download something in order to continue a conversation, don’t do it.” Li acknowledged how easily crypto executives, accustomed to receiving messages and meeting requests, could be tricked by such attacks. “These hacks prey on your emotional connections and mental exhaustion,” he said.
Li’s experience isn’t unique. Other members of the crypto community have reported similar attempts. One member of ContributionDAO recounted being asked to download Zoom through a suspicious link, with the attacker claiming it was a special business version. When they suggested switching to Google Meet, the attacker refused.
Crypto researcher “Meekdonald” also mentioned that a friend had fallen for the same tactic Li managed to avoid.
For more news, find me, Giannis Andreou, on Twitter and subscribe to my channels on YouTube and Rumble.