{"id":23157,"date":"2025-04-18T10:07:20","date_gmt":"2025-04-18T07:07:20","guid":{"rendered":"https:\/\/forklog.com\/en\/manta-network-co-founder-evades-lazarus-groups-zoom-attack\/"},"modified":"2025-04-18T10:07:20","modified_gmt":"2025-04-18T07:07:20","slug":"manta-network-co-founder-evades-lazarus-groups-zoom-attack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/manta-network-co-founder-evades-lazarus-groups-zoom-attack\/","title":{"rendered":"Manta Network Co-Founder Evades Lazarus Group&#8217;s Zoom Attack"},"content":{"rendered":"<p>Kenny Li, co-founder of Manta Network, has disclosed details of an attempted hack, allegedly orchestrated by the North Korean hacker group Lazarus Group.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">? Just got targeted by Lazarus. <\/p>\n<p>A known contact on TG reached out to me to ask for a chat. Scheduled a Zoom call. When I got on the Zoom, it asked me for camera access which I found a bit odd because I have used Zoom many times. <\/p>\n<p>Even crazier, the team members had their\u2026<\/p>\n<p>\u2014 ?Kenny.manta (@superanonymousk) <a href=\"https:\/\/twitter.com\/superanonymousk\/status\/1913017335436448206?ref_src=twsrc%5Etfw\">April 17, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>During a Zoom video call, the perpetrators used recordings of actual project team members to persuade Li to download a malicious file.<\/p>\n<p>According to him, everything appeared convincing: familiar faces seemed to be participating in the conversation on screen. However, the absence of sound and the request to update Zoom via a script download raised Li&#8217;s suspicions. He immediately left the conference.<\/p>\n<p>Subsequently, Li requested identity verification from the contact through a Telegram call, but was refused. Soon after, the hackers deleted the chat and blocked him.<\/p>\n<p>In a comment to <a href=\"https:\/\/cointelegraph.com\/news\/manta-exec-reveals-attempted-zoom-attack-by-lazarus-using-legit-faces\">Cointelegraph<\/a>, he speculated that the perpetrators used real recordings from past video calls of team members. Li noted that it all looked like a regular webcam recording, not the result of AI work.<\/p>\n<p>He stated that the identities of real people had been compromised.<\/p>\n<p>Li warned the crypto community about the danger of any offers to download files. According to him, the biggest red flag in such situations is the request to download something.<\/p>\n<p>He pointed out that such attacks often target tired or overworked employees who are prone to quickly processing requests.<\/p>\n<p>Earlier in March, North Korean hackers <a href=\"https:\/\/forklog.com\/en\/news\/north-korean-hackers-exploit-zoom-to-target-crypto-entrepreneurs\">targeted<\/a> crypto entrepreneurs via Zoom. According to Nick Bax from Security Alliance, the method allowed fraudsters to siphon off &#8220;tens of millions of dollars.&#8221;<\/p>\n<p>On April 14, hackers <a href=\"https:\/\/forklog.com\/en\/news\/hackers-exploit-zoom-to-steal-100000-from-emblem-vault-ceo\">stole<\/a> $100,000 from Jake Gallen, head of the NFT platform Emblem Vault, through Zoom. The fraudster posed as the owner of a mining platform and installed malware on his computer.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kenny Li, co-founder of Manta Network, has disclosed details of an attempted hack, allegedly orchestrated by the North Korean hacker group Lazarus Group. ? Just got targeted by Lazarus. A known contact on TG reached out to me to ask for a chat. Scheduled a Zoom call. When I got on the Zoom, it asked [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":23156,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1125],"class_list":["post-23157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-lazarus"],"aioseo_notices":[],"amp_enabled":true,"views":"52","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/23157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=23157"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/23157\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/23156"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=23157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=23157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=23157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}