Manta Network's Kenny Li Dodges Lazarus Zoom Phishing Bullet!

Zoom Ambush: A Close Call with Lazarus Hackers

Kenny Li, co-founder of Manta Network, just had a heart-stopping brush with danger! In an April 17 post, he spilled the beans on a slick Zoom phishing attack, believed to be masterminded by the notorious Lazarus Group.

It all kicked off when a familiar face on Telegram asked Li for a casual Zoom chat. But once on the call, things got weird fast—no audio, just a request to download what looked like a sketchy script file masquerading as a Zoom update. Talk about a red flag!

🚨 Just got targeted by Lazarus.

A known contact on TG reached out to me to ask for a chat. Scheduled a Zoom call. When I got on the Zoom, it asked me for camera access which I found a bit odd because I have used Zoom many times.

Even crazier, the team members had their…

Smelling a rat, Li tried to play it smart by suggesting they switch to Google Meet or hop on Telegram instead. But the impostor wasn't having it—quick as a flash, they wiped all messages and blocked Li. Talk about a narrow escape!

Li later found out that the real person on the call had their accounts hijacked by none other than Lazarus.

Zoom: Lazarus' Favorite Phishing Playground

This isn't Lazarus' first rodeo with Zoom scams. Back in March, Nick Bax from the Security Alliance sounded the alarm on this slick trick. These hackers jump on a call, fake some audio issues, and lure you into a new Zoom room with a dodgy link, pushing you to download a so-called "patch". Bax warned that these tactics have raked in millions for cybercriminals, and now others are jumping on the bandwagon.

Having audio issues on your Zoom call? That's not a VC, it's North Korean hackers.

F fortunately, this founder realized what was going on.

The call starts with a few "VCs" on the call. They send messages in the chat saying they can't hear your audio, or suggesting there's an… pic.twitter.com/ZnW8Mtof4F

In the thread, a bunch of crypto founders chimed in, sharing their own hair-raising tales of dodging these Zoom phishing traps, just like Kenny Li from Manta Network (MANTA).

Giulio Xiloyannis, co-founder of the blockchain gaming outfit Mon Protocol, got hit with a scam where the hacker pretended to be from Story Protocol (IP) to reel him and his marketing lead into a bogus meeting. The ruse crumbled when they suddenly pushed for a new Zoom link with fake audio troubles, trying to slip them some malware.

This happened to me and @NFTVai today. The project lead was disguised as a Story Protocol project for IP usage and rev sharing (very good fit with @Pixelmon business model and my past investments), at the last minute they asked us to use a ZOOM link and…

David Zhang, co-founder of the stablecoin platform Stably, also got ambushed. The scammers crashed his Google Meet call but then cooked up an excuse to switch to a different meeting link. Zhang, smart move, took the call on his tablet, which might've thrown a wrench in the hackers' plans. He thinks they were trying to sniff out his OS to tailor their attack, but it didn't quite work on his mobile.

Melbin Thomas from Devdock AI also got snared in the Zoom scam but smartly dodged entering his password during the fake install. He went off the grid, reset his laptop to factory settings, but he's still sweating over whether his files on an external hard drive are clean, as he hasn't plugged it back in.

The same thing happened to me. But didnt give my password while the install was happening.
Disconnecte my laptop and I reset to factory settings. But transferred my files to a hard drive. I have not connected the hard drive back to my laptop. Is it still infected?

Lazarus Group: Crypto's Cyber Boogeyman

This wave of attacks comes hot on the heels of a January alert from the US, Japan, and South Korea, warning about the escalating threat from the Lazarus Group to the crypto world. Known for pulling off jaw-dropping heists like the Bybit and Ronin network hacks, Lazarus is suspected to be the mastermind behind these latest Zoom phishing assaults.