North Korean hackers use AI deepfake Zoom to scam, cryptocurrency companies face dual attack of targeted "social engineering + Trojan"

GateNewsBot

2026-02-11 10:23:56

February 11 News, Google’s security team Mandiant disclosed that a North Korea-linked hacker group is using deepfake videos and fake Zoom calls to carry out highly targeted social engineering attacks against the cryptocurrency industry, and is deploying multiple malicious programs to steal assets and data.

The investigation shows that this operation was launched by the cyber threat group UNC1069. The group has been active since at least 2018 and shifted its focus from traditional finance to the Web3 space after 2023, targeting executives of crypto financial technology companies, software developers, and venture capital professionals. The incident began when an industry executive’s Telegram account was hijacked. The attacker impersonated the individual to contact targets, build trust, and then send fake Calendly video meeting invitations.

After victims clicked the link, they were directed to a fake Zoom domain controlled by the attacker. During the call, the attacker played a deepfake video of what appeared to be the CEO of another crypto company, and claimed there was an “audio malfunction,” tricking the target into running a supposed troubleshooting command on their computer. These commands triggered an infection chain on macOS and Windows systems, silently deploying up to seven malicious software programs.

Mandiant confirmed that these tools can steal Keychain credentials, browser cookies, login information, Telegram sessions, and local sensitive files. Researchers believe that the attackers aim both to directly acquire crypto assets and to gather intelligence for future scams. Deploying so many tools on a single device indicates a carefully planned targeted infiltration.

This incident is not isolated. By 2025, similar AI conference scams had caused losses exceeding $300 million; throughout the year, cyber operations related to North Korea stole approximately $2.02 billion in digital assets, a 51% increase. Chainalysis also pointed out that scam groups utilizing on-chain AI services are significantly more efficient than traditional methods.

As the barrier to deepfake technology continues to lower, the crypto industry faces unprecedented security challenges. Experts warn that online meetings involving funds and system permissions must strengthen multi-factor authentication and device isolation; otherwise, they could become the next attack vector.

View Original

Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to Disclaimer.

Trader on Polymarket loses hundreds of thousands of USD due to fake Uniswap ads on Google

uniswap news Daily Crypto News Security Incidents

A trader lost hundreds of thousands of dollars after clicking a fake Uniswap ad on Google. This incident highlights ongoing phishing scams in crypto, where attackers disguise malicious sites to steal assets. Experts urge stricter measures against such fraudulent ads.

TapChiBitcoin10h ago

IoTeX: Previously suffered $2 million in on-chain attack losses, expected to resume operation within 48 hours

Project Progress Security Incidents

IoTex announces an update stating that they have controlled the private key leak incident, with losses of approximately $2 million, involving multiple assets. The team is working with exchanges and law enforcement agencies to freeze the stolen funds and conduct an investigation. On-chain functionalities will be restored after the security upgrade and will keep transparent progress.

GateNewsBot19h ago

Fraud losses in the cryptocurrency sector reached $370 million in January, the highest in nearly 11 months

uniswap news Security Incidents

Uniswap founder Hayden Adams warns that search engine ads impersonating Uniswap have caused users to lose high-value crypto assets, with scammers using this to trick users into connecting wallets and authorizing transactions. In January 2026, the crypto industry suffered losses of $370.3 million from such attacks, mainly caused by phishing links and fake ads, highlighting the threat of brand impersonation to user trust.

GateNewsBot19h ago

ZachXBT warns that accounts on X are fabricating content to lure and scam users.

Security Incidents

ZachXBT warns of a social media account allegedly fabricating stories to increase engagement and lure users into scams. The account has gained a large following using shocking content. The public is encouraged to verify information and remain cautious of high-profile accounts to avoid scams.

TapChiBitcoin20h ago

IoTeX Bridge Exploit Drains $8M After Private Key Compromise

Daily Crypto News Price Volatility Security Incidents

The IoTeX blockchain faced a major exploit, with over $8M stolen due to a compromised private key. The hacker quickly converted the stolen assets into Ethereum and began transferring them to Bitcoin. While IoTeX reported lower losses than expected, the incident highlights security vulnerabilities in cross-chain bridges.

BlockChainReporter21h ago

Comment

0/400

00001cl

· 02-11 10:37

Purely a mafia!

View OriginalReply0