Lazarus Group Targeted Manta Network Co-founder Kenny Li with a Zoom Based Social Engineering Attack

The Lazarus Group, a North Korean-affiliated cybercrime syndicate, attempted to hack Manta Network co-founder Kenny Li. The attack was carried out by the

A North Korea-affiliated cybercrime syndicate, known as Lazarus Group, attempted to scam Manta Network co-founder Kenny Li in a new phishing attempt.

According to a recent report by TokenPost, the hackers contacted Li on Telegram, posing as a trusted contact who had arranged a Zoom meeting on April 17.

During the call, Li noticed several strange prompts, including a request for camera access and a script file download, which raised his suspicions. As a result, he deleted their messages and left the meeting, only to discover later that the contact had blocked him.

This experience highlights a growing trend of Zoom-based attacks against members of the crypto community, which have been linked by cybersecurity experts to the Lazarus Group, who have been exploiting vulnerabilities in Web3 infrastructure.

How Lazarus Exploits Zoom for Crypto Scams

The attack on Li involved a fake Zoom call with pre-recorded footage from previous meetings, that was probably obtained by compromising team members’s email accounts. The audio was not working and familiar faces were shown, mimicking a legitimate meeting, before a prompt to download a script file appeared.

This tactic is similar to what has been previously reported about Zoom scams. For instance, SlowMist conducted an investigation last year that found hackers were using fake Zoom interfaces to trick users to download malware. These malicious files steal system data, browser cookies and cryptocurrency wallet credentials and send them to the remote server of the attackers.

In another instance, a user from Vow | ContributionDAO had a nearly identical experience on April 18, when an attacker, pretending to be part of a blockchain team, demanded a specific Zoom link. However, when the user suggested switching to Google Meet, the attackers disappeared.

As these attacks become increasingly sophisticated, members of the crypto community are raising alarm. These scams can become very convincing when they are made using deepfake technology or pre-recorded footage.

KiloEx Recovers $7.5M After Separate Exploit

In a separate development, decentralized exchange KiloEx has recovered $7.5 million after being hacked.

The DeFi protocol announced on Wednesday that the attacker returned the funds, stolen four days earlier, after they reached an agreement on a bounty deal.

The exploit was due to a manipulated price oracle, a known vulnerability of decentralized finance platforms. KiloEx had enlisted the help of several cybersecurity firms, including SlowMist and Sherlock to trace the attack.

After the exploit, KiloEx temporarily suspended operations and is still deciding whether to pursue legal action against the hacker. The incident also serves as a stark reminder that vulnerabilities in smart contracts and oracles remain prime targets for cybercriminals in the DeFi sector.