We have observed this occurring repeatedly in recent crypto security incidents (olaxbt & venus whale user). It will persist if we, as a crypto community, are not well informed! 😭

DPRK threat actors 🤖 continue to exploit this attack vector because many projects mistakenly believe their macOS systems are inherently more secure and remain unaware of sophisticated Zoom scams involving fake telecommunication devices. It is crucial for organizations to stay security-aware and vigilant.

"According to reports, DPRK threat actors stole a total of $1.5 billion USD in cryptocurrency during the first half of 2025."

These are a few RED flags 🚩 you should watch for:

1. Received an unexpected DM from an account asking for a meeting call, especially on Telegram?

2. Is the account that reached out acting differently, or does it have a different TG handle?

3. Prompted to download or run a security update or fix for the "Zoom" software via a link that they forwarded?

4. Inconsistencies in the voice, visuals or lighting of the person(s) during the meeting call?

It's time to CHANGE the mental model that macOS is inherently safer; it can also be targeted by malware.

Think you might have been targeted or have any other questions? Reach out to us now so we can assist!!

Stay safe out there!

#DPRK #Crypto #Security #Malware