Manta Network Co-Founder Evades Lazarus Group’s Zoom Attack

Kenny Li, co-founder of Manta Network, has disclosed details of an attempted hack, allegedly orchestrated by the North Korean hacker group Lazarus Group.

? Just got targeted by Lazarus.

A known contact on TG reached out to me to ask for a chat. Scheduled a Zoom call. When I got on the Zoom, it asked me for camera access which I found a bit odd because I have used Zoom many times.

Even crazier, the team members had their…

— ?Kenny.manta (@superanonymousk) April 17, 2025

During a Zoom video call, the perpetrators used recordings of actual project team members to persuade Li to download a malicious file.

According to him, everything appeared convincing: familiar faces seemed to be participating in the conversation on screen. However, the absence of sound and the request to update Zoom via a script download raised Li’s suspicions. He immediately left the conference.

Subsequently, Li requested identity verification from the contact through a Telegram call, but was refused. Soon after, the hackers deleted the chat and blocked him.

In a comment to Cointelegraph, he speculated that the perpetrators used real recordings from past video calls of team members. Li noted that it all looked like a regular webcam recording, not the result of AI work.

He stated that the identities of real people had been compromised.

Li warned the crypto community about the danger of any offers to download files. According to him, the biggest red flag in such situations is the request to download something.

He pointed out that such attacks often target tired or overworked employees who are prone to quickly processing requests.

Earlier in March, North Korean hackers targeted crypto entrepreneurs via Zoom. According to Nick Bax from Security Alliance, the method allowed fraudsters to siphon off “tens of millions of dollars.”

On April 14, hackers stole $100,000 from Jake Gallen, head of the NFT platform Emblem Vault, through Zoom. The fraudster posed as the owner of a mining platform and installed malware on his computer.