The Web3 security firm HashDit stated on X, "DPRK threat actors continue to use fake Zoom links and deepfakes to scam macOS users into installing malware and draining their crypto funds." The firm has observed these tactics in recent crypto security incidents and warns that they will persist if the crypto community remains uninformed.
HashDit highlights several warning signs for users to be aware of: receiving unexpected direct messages from accounts requesting meeting calls, especially on Telegram; accounts behaving unusually or using different Telegram handles; prompts to download or run security updates or fixes via forwarded "Zoom" software links; and inconsistencies in voice, visuals, or lighting during meeting calls.
The firm emphasizes the need to change the perception that macOS is inherently safer, as it can also be targeted by malware. Users who suspect they have been targeted or have questions are encouraged to reach out for assistance. HashDit advises the community to stay vigilant against these threats.