Investment Partner of Hypersphere Falls Victim to Zoom Phishing Scam

Investment partner at the venture firm Hypersphere, Mehdi Farouk, fell victim to a phishing attack through a fake Zoom call.

According to him, the incident began with a Telegram message from an acquaintance, Alex Lin. Since they had communicated before, the request for a call did not raise any suspicions. Farouk shared a Calendly link, and they scheduled a meeting.

Just before the call, the scammer asked to move to Zoom Business for «compliance reasons.» He also mentioned that another acquaintance of Farouk would join the discussion. This did not seem suspicious, as the investor was engaged in treasury transactions.

During the Zoom call, there was no audio. In the chat, Farouk was advised to update the application to resolve the issue. Upon initiating the «update,» his system was compromised.

*»Six wallets have been emptied (it’s my fault for not keeping everything under control). My laptop is completely ruined. Years of savings vanished in minutes,»* he wrote.

Farouk added that during the attack, the scammer continued to calmly communicate with him on Telegram, while Lin’s account had been hacked.

The entrepreneur mentioned that white hat hackers reached out to offer their assistance. It turned out that the attack was orchestrated by a North Korean-linked group known as DangerousPassword.

Recall that in March, North Korean hackers attacked crypto entrepreneurs via Zoom. According to Nick Bax from Security Alliance, this method allowed the criminals to steal «tens of millions of dollars.»

On April 14, hackers stole $100,000 from Jake Gallen, the CEO of NFT platform Emblem Vault, through the video service.

Later, Kenny Li, co-founder of Manta Network, revealed details about an attempted hack reportedly organized by the North Korean hacking group Lazarus Group.