
Mehdi Farooq, an investment partner at crypto venture capital firm Hypersphere, revealed on Thursday that he lost a large portion of his life savings in a targeted phishing attack orchestrated through a fake Zoom call.
In a post on X, Farooq explained that the attack began with a message on Telegram from Alex Lin, someone he knew. “He needed to catch up,” Farooq recounted.
The two had previously interacted, making the outreach appear routine. Farooq then shared his Calendly link with Lin, who scheduled a meeting for the following day.
Minutes before the scheduled call, Lin asked to switch to Zoom Enterprise “for compliance causes,” adding that one of his LPs, Kent, another familiar name, would be joining. Given that Farooq had been managing treasury deals, the request didn’t raise suspicion.
Zoom update prompt leads to full wallet drain
Farooq said he joined the scheduled Zoom call to find there was no audio, though both participants appeared on screen. In the chat, they instructed him to update Zoom to fix the issue. Shortly after running the update, his system was compromised.
“Six wallets drained (my fault for not maintaining issues extra buttoned up). My laptop computer compromised utterly,” he wrote.
Farooq added that while the attack was underway, the impersonator continued chatting on Telegram as if nothing was wrong. “He even joked: ‘Let’s catch up at SG.’” The hackers eventually drained “years of financial savings… in minutes.”
He later discovered that Alex Lin’s real account had been hijacked. According to Farooq, the attack was linked to a North Korea-affiliated threat actor known as “dangrouspassword.”
Earlier this year, Farooq joined Hypersphere as an investment partner, focusing on liquid and venture opportunities. He previously spent nearly three years at Animoca Brands.
Cointelegraph reached out to Farooq for comment but had not received a response by publication.
Phishing attacks target crypto professionals
The latest breach comes amid the growing sophistication of phishing attacks targeting crypto professionals.
Last month, BitGo CEO Mike Belshe revealed that scammers impersonating hardware wallet maker Ledger are mailing fake letters to crypto users, urging them to “validate” their wallets or risk losing access to funds. The letters, sent via USPS, contained QR codes likely leading to phishing sites.
In April 2025, $330 million in Bitcoin (BTC) was stolen from an elderly individual through a phishing attack, onchain detective ZachXBT confirmed.