A new wave of cybercrime is sweeping through the crypto sector as North Korean hackers intensify a scam using fake Zoom meetings. Cybersecurity nonprofit Security Alliance, also known as SEAL, says it now observes several such attacks every day, with victims ranging from individual traders to professionals working inside crypto firms.
Security researcher Taylor Monahan warned that the operation has already drained more than $300M from users. The scam relies on social engineering rather than technical trickery, making it difficult to spot even for seasoned market participants.
The process often begins with a message from a familiar Telegram account. Because the sender appears to be someone the victim already knows, suspicion remains low. After brief small talk, the attacker suggests a casual Zoom call to catch up or discuss work.
Fake Zoom Scam
Before the meeting, the attacker sends a link that looks like a standard Zoom invite. Once the call starts, the victim sees video of the expected person and sometimes others. According to Monahan, these clips are not artificial creations. They are real recordings taken from earlier hacks or public content such as interviews and podcasts.
Shortly after joining, the attacker claims there are audio problems. A file described as a patch or update is shared in the chat. When the victim opens it, malware is installed silently. The attacker then ends the call, often suggesting a reschedule.
At that point, the damage is already done. The malware allows access to passwords, private keys, company data, and Telegram sessions. Monahan warned that attackers stay calm to avoid detection, then gradually empty wallets and spread the attack through the victim’s contact list.
What Victims Should Do Immediately
Anyone who clicked a suspicious link during a Zoom call should disconnect from WiFi and shut down the affected device at once. Using a separate device, users should move crypto funds to new wallets, change all passwords, and enable two factor authentication wherever available. A full memory wipe of the compromised device is advised before reuse.
Telegram security is another major concern. Monahan urged users to open Telegram on a phone, review active sessions, terminate unknown devices, update passwords, and add or refresh multifactor protection.
Once attackers gain control of a Telegram account, they often use saved contacts to repeat the scam. Monahan urged victims to speak up quickly to limit further losses.
BlockchainFX is the world’s first crypto exchange connecting traditional finance with blockchain. Join the $BFX presale today and secure your chance for 100x gains!
Join Now