Investor tricked via Zoom, loses millions in crypto

30.06.2025

Mehdi Farooq, a venture partner at Hypersphere, fell victim to a well-orchestrated phishing attack disguised as a business Zoom call.

It all began with a Telegram message from Alex Lin – someone Farooq had previously communicated with. The request for a meeting raised no red flags, and Farooq shared his Calendly link. The “contact” selected a time, and the meeting was scheduled.

Shortly before the call, the attacker asked to switch to Zoom Business, citing “compliance reasons.” He also mentioned that another one of Farooq’s acquaintances would be joining – a common scenario for those involved in treasury operations.

During the call, there was no audio. In the Zoom chat, Farooq was advised to update the app to fix the issue. When he launched the “update,” a malicious script was executed on his laptop. The system was compromised, and his crypto wallets were drained.

“Six wallets were hacked. It’s my fault – I didn’t keep everything under control. The laptop is dead. Years of savings vanished in minutes,” Farooq wrote.

While Farooq was trying to understand what had happened, the scammer kept chatting with him on Telegram, maintaining the illusion of a normal conversation. It was later revealed that Alex Lin’s account had also been hacked. After the incident, white-hat hackers reached out to Farooq and investigated the attack, tracing it back to a North Korea-linked group called DangerousPassword.

Such attacks are not uncommon. In March, researchers at Security Alliance reported that North Korean hackers used Zoom to steal tens of millions of dollars from crypto entrepreneurs. In April, Jake Gallen, head of the NFT platform Emblem Vault, lost $100,000 in a similar scheme. Kenny Li, co-founder of Manta Network, later disclosed an attempted hack believed to be carried out by the Lazarus Group.

Conclusion:

Even familiar tools like Telegram, Zoom, and Calendly can become weapons in the hands of hackers. Always be cautious about app updates and unexpected requests during online meetings.