Mehdi Farooq, an investment partner at Hypersphere, recently disclosed a significant financial loss due to a sophisticated phishing scheme executed via a counterfeit Zoom call. The incident began when Farooq received a seemingly genuine message on Telegram from an impersonator posing as a known contact, Alex Lin. This initial contact appeared credible, prompting Farooq to share his Calendly link, which led to a scheduled meeting.
Minutes before the meeting, the attacker requested a switch to Zoom Business, citing compliance requirements, and introduced a supposed limited partner, Kent, whose identity Farooq recognized. Engaged in fund management activities, Farooq did not suspect foul play. Subsequent investigations revealed that the original Alex Linβs account had been compromised, linking the attack to a North Korean hacking group known as “dangrouspassword.”
This incident underscores the increasing sophistication of cyber threats targeting crypto investors and highlights the critical need for enhanced security protocols in digital communications within the financial sector.