Crypto founders report deluge of North Korean fake Zoom hacking attempts


At least three crypto founders have reported foiling an attempt from alleged North Korean hackers to steal sensitive data through fake Zoom calls over the past few days. 

Nick Bax, a member of the white hat hacker group the Security Alliance, said in a March 11 X post that the method used by North Korean scammers had seen millions of dollars stolen from unsuspecting victims.

Generally, the scammers will contact a target with a meeting offer or partnership, but once the call starts, they send a message feigning audio issues while a stock video of a bored venture capitalist is on the screen; they then send a link to a new call, according to Bax. 

https://x.com/bax1337/status/1899471318178771129

“It’s a fake link and instructs the target to install a patch to fix their audio/video,” Bax said. 

“They exploit human psychology, you think you’re meeting with important VCs and rush to fix the audio, causing you to be less careful than you usually are. Once you install the patch, you’re rekt.” 

The post prompted several crypto founders to detail their experiences with the scam.

Giulio Xiloyannis, co-founder of the blockchain gaming project Mon Protocol, said scammers tried to dupe him and the head of marketing with a meeting about a partnership opportunity.

However, he was alerted to the ruse when, at the last minute, he was prompted to use a Zoom link that “pretends to not be able to read your audio to make you install malware.”

“The moment I saw a Gumicryptos partner speaking and a Superstate one I realized something was off,” he said. 

David Zhang, co-founder of US venture-backed stablecoin Stably, was also targeted. He said the scammers used his Google Meet link but then made up an excuse about an internal meeting, asking him to join that meeting instead.

“The site acted like a normal Zoom call. I took the call on my tablet though, so not sure what the behavior would’ve been on desktop,” Zhang said.