Kenny Li’s Phishing Experience
Kenny Li, a co-founder of Manta Network, recently became a victim of a highly advanced phishing scheme conducted via Zoom, emphasizing the increasing sophistication of online threats. In a post dated April 17 on X, he detailed how the attackers used live video footage of someone he recognized, tricking him into believing that the meeting was legitimate.
Although the impersonator’s camera was activated, peculiarities like silence during the interaction and an urgent prompt to download a suspicious script raised his suspicions. Li recalled the scenario:
“I saw their real faces. It looked convincingly genuine, but they weren’t talking. A message stated my Zoom needed an update, requiring me to download a script file. I immediately exited the call.”
Attempts to Verify and Background of Attackers
When Li attempted to confirm the person’s identity through a call on Telegram, the impersonator refused, then deleted all messages and blocked him. He suspects the notorious Lazarus Group, known to have ties to the North Korean regime, was behind the phishing attempt. He managed to take screenshots of his conversation with the attacker before the messages were deleted.
During their chat, Li even proposed moving the conversation to Google Meet, but received only evasions. In an interview with Cointelegraph, Li expressed his suspicions that the video utilized genuine recordings of team members rather than computer-generated imagery, stating that the visual quality resembled that of typical webcams.
Cautionary Advice for the Cryptocurrency Sector
Following the incident, Li confirmed that the real person whose identity was impersonated had their accounts compromised by the Lazarus Group. He cautioned others in the cryptocurrency sector to remain vigilant about any unanticipated requests to download files, declaring:
“A downloadable item is always a major warning sign, whether it’s described as an update, attachment, application, or any other format. If you’re directed to download something to connect with the person on the opposite side, don’t proceed with it.”
The Emotional Manipulation of Phishing Attacks
Li noted the emotional manipulation involved in such attacks, suggesting that they could easily overwhelm people in the crypto world who are accustomed to receiving constant messages and impromptu meeting invites. “These cyber intrusions exploit your emotional ties and can take advantage of mental fatigue,” he reflected.
Others in the cryptocurrency field have echoed similar concerns about such tactics. One user from ContributionDAO recounted their own encounter, explaining:
“They urged me to download Zoom through their link, claiming it was exclusive to their business functionality. I already had Zoom on my computer but was unable to use it as they insisted on a specific business version. They refused to switch over to Google Meet.”
Additionally, a crypto researcher known on X as “Meekdonald” mentioned a friend who fell for the same approach that Li outmaneuvered, highlighting the growing prevalence of these phishing activities within the crypto community.