Kenny Li, co-founder of Manta Network, narrowly escaped a Zoom phishing scam where attackers impersonated a familiar contact. Jake Gallen lost over $100,000 in assets from a similar incident. Both cases illustrate a troubling trend of sophisticated phishing attacks targeting crypto leaders, urging them to remain vigilant against unexpected downloads and software updates.
A phishing scam targeting leaders in the cryptocurrency sector has recently been highlighted, with Manta Network’s co-founder, Kenny Li, narrowly escaping a perilous Zoom call on April 17. This incident underscores the escalating risk as cybercriminals employ sophisticated tactics to infiltrate digital assets of unsuspecting individuals within the crypto community.
During his experience, Li was presented with a realistic video of a familiar individual during a Zoom meeting, despite the absence of audio. A suspicious script download prompt emerged, leading him to exit swiftly. Post-meeting, attempts to verify the impersonator were futile, as the supposed hacker, linked to the Lazarus Group, blocked all forms of communication.
The issue is not isolated, as Jake Gallen, CEO of Emblem Vault, fell victim to a similar scheme on April 11, losing over $100,000 in Bitcoin and Ether after being duped into downloading a link masquerading as a Zoom update. Despite having the application installed, his computer was compromised, resulting in substantial financial loss.
Another victim from ContributionDAO faced pressure from attackers to download a specific version of Zoom while the app was already operational on his device. Attempts to switch to a safer platform were dismissed by the scammers. This method has also impacted well-known figures in crypto, including Pixelmon’s Giulio Xiloyannis and Devdock AI’s Melbin Thomas, who reported their own attempted hacks.
Li emphasises the heightened vigilance required within the crypto sector, as emotional cues and fatigue can make individuals more susceptible to such cyberattacks. He warns against unexpected downloads or updates, stating that any prompt requiring a download should immediately raise concerns. Those receiving such requests must maintain a cautious approach, prioritising awareness to safeguard their digital assets against evolving phishing strategies.
