North Korea Hackers Steal $300 Million via Fake Zoom Meetings
Summary
North Korean cybercriminals have stolen more than $300 million through a 'long-con' social engineering campaign that impersonates trusted industry figures in fake video meetings, according to researcher Taylor Monahan. Unlike recent deepfake attacks, this method relies on hijacking Telegram accounts and using looped footage from real interviews. The attack begins when hackers take over a victim's Telegram account, use existing chat history to establish trust, and then lure the victim into a Zoom or Teams call via a disguised link. During the call, after faking technical issues, the attacker prompts the victim to download a malicious script or SDK, which installs a Remote Access Trojan (RAT). This malware gives the attacker the control needed to drain crypto wallets and steal sensitive data, including Telegram session tokens for further attacks. Experts warn that this tactic weaponizes professional courtesy, and that any request to download software during a call should be treated as an active attack signal.
(Source: BeInCrypto)