The Security Alliance (SEAL) flags a tactical shift by North Korean threat actors. These groups are now launching daily attacks by mimicking Zoom technical glitches. Security researcher Taylor Monahan estimates that industry losses from this specific vector have already topped $300M.
How the Scheme Works
It starts with a Telegram message from a known contact whose account has been compromised. After a brief chat, the victim gets invited to a Zoom call to discuss a project or investment. The invite link looks legitimate but directs to a phishing interface.
Once in the chat, the victim sees real faces of partners or prominent crypto figures. Monahan emphasizes: these are not deepfakes. The hackers loop clips from old conferences or public podcasts. The video feed appears authentic, lulling the target into a false sense of security.
Shortly after the call begins, the scammers feign audio issues. To fix the “glitch”, they urge the victim to download a patch or installer. Executing this file infects the device, granting attackers access to private keys, passwords, and active messenger sessions. The call is then abruptly ended under the guise of rescheduling while the malware drains the wallets.
The Kim Jong Un Test
Former lead Monero developer Riccardo Spagni suggested an unconventional verification method. North Korean operatives work under strict ideological constraints and physically cannot insult their leader, even to maintain their cover.
If a caller seems suspicious, experts advise asking them to type a phrase like “Kim Jong Un is a loser” or “Kim Jong Un is a pig” in the chat. A real Western dev will do this without hesitation. A DPRK hacker will ignore the request, make excuses, or immediately disconnect.
Read also:
- Korean Authorities Pin Upbit Hack on Lazarus Group
- North Korean Hackers Stole Over $2B in Cryptocurrency in 2025 – Elliptic
- ZachXBT Uncovered 25+ Attacks Involving North Korean Hackers Masquerading as Crypto Employees
This post is for informational purposes only and does not constitute advertising or investment advice. Please do your own research before making any decisions.