Mehdi Farooq, an investment partner at crypto venture capital firm Hypersphere, revealed on Thursday that he lost a significant portion of his life savings in a targeted phishing attack orchestrated through a fake Zoom call.In a post on X, Farooq explained that the attack began with a message on Telegram from Alex Lin, someone he knew.
He wanted to catch up, Farooq recounted.The two had previously interacted, making the outreach seem routine.
Farooq then shared his Calendly link with Lin, who scheduled a meeting for the next day.Minutes before the scheduled call, Lin asked to switch to Zoom Business for compliance reasons, adding that one of his LPs, Kent, another familiar name, would be joining.
Given that Farooq had been managing treasury deals, the request didnt raise suspicion.Related: Investor loses $2.6M in zero-transfer phishing scamZoom update prompt leads to full wallet drainFarooq said he joined the scheduled Zoom call to find there was no audio, though both participants appeared on screen.
In the chat, they instructed him to update Zoom to fix the issue.
Shortly after running the update, his system was compromised.Six wallets drained (my fault for not keeping things more buttoned up).
My laptop compromised completely, he wrote.Farooq faces issues with audio during a fake Zoom call.
Source: FarooqFarooq added that while the attack was underway, the impersonator continued chatting on Telegram as if nothing was wrong.
He even joked: Lets catch up at SG.
The hackers eventually drained years of savings in minutes.He later discovered that Alex Lins real account had been hijacked.
According to Farooq, the attack was linked to a North Korea-affiliated threat actor known as dangrouspassword.Earlier this year, Farooq joined Hypersphere as an investment partner, focusing on liquid and venture opportunities.
He previously spent almost three years at Animoca Brands.Cointelegraph reached out to Farooq for commentbut had not received a response by publication.Related: Phishing scams top crypto security threat of 2024 CertiKPhishing attacks target crypto prosThe breach comes amid increasing sophistication of phishing attacks targeting crypto professionals.Last month, BitGo CEO Mike Belshe revealed that scammers impersonating hardware wallet maker Ledger are mailing fake letters to crypto users, urging them to validate their wallets or risk losing access to funds.
The letters, sent via USPS, contained QR codes likely leading to phishing sites.In April, $330 million in Bitcoin(BTC) wasstolen from an elderly individual through a phishing attack, onchain detective ZackXBTconfirmed.Magazine: Bitcoins invisible tug-of-war between suits and cypherpunks