Malware-Based Attacks Have Already Stolen More Than $300 Million
Cybersecurity experts are warning that fake Zoom meeting scams linked to North Korean hacking groups have escalated into a daily threat for crypto users, founders, and investors. These attacks rely on social engineering rather than technical exploits, making them especially effective against experienced industry participants.
The scam typically begins with a message from a compromised Telegram account belonging to someone the victim already knows. After a brief conversation, the attacker suggests a Zoom call and shares a link that appears legitimate. During the call, pre-recorded videos of real people are used to create credibility, not artificial deepfakes as widely assumed.
Once the meeting starts, attackers claim there are audio issues and request the victim install a software “patch”. Opening the file installs malware that gives hackers access to private keys, passwords and messaging accounts. Victims often remain unaware until their crypto funds and online identities are fully compromised.
Security researchers estimate that this method has already resulted in over $300 million in stolen digital assets. The attackers frequently seize Telegram accounts and use stored contacts to spread the scam further, accelerating its reach.
Anyone who interacts with a suspicious link is advised to disconnect immediately from the internet, move funds to secure wallets using a clean device, reset all credentials, enable multi-factor authentication, and fully wipe the infected system. Rapid disclosure to contacts is also critical to limit further damage.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.