Cybercriminals are escalating their tactics—and crypto executives are in the crosshairs. In a chilling account shared on April 17, Kenny Li, co-founder of Manta Network, revealed how he narrowly escaped a deepfake phishing attack during a Zoom call.
The attackers impersonated someone Li knew, using real video footage and a fake Zoom update prompt to push him into downloading a malicious script file.
“I could see their legit faces. Everything looked very real. But I couldn’t hear them,” Li wrote on X. “Then it said my Zoom needs an update. But it asked me to download a script file. I immediately left.”
Attackers Used Hacked Identity, Blocked Verification Attempts
After ending the call, Li reached out to the individual via Telegram for verification. Instead of a reply, the imposter deleted all previous messages and blocked him.
🚨 Just got targeted by Lazarus.
A known contact on TG reached out to me to ask for a chat. Scheduled a Zoom call. When I got on the Zoom, it asked me for camera access which I found a bit odd because I have used Zoom many times.
Even crazier, the team members had their…
— 🤓Kenny.manta (@superanonymousk) April 17, 2025
Li later confirmed that the real person—whose image appeared in the Zoom meeting—had been compromised by the Lazarus Group, a North Korea-linked cybercrime syndicate known for targeting the crypto industry.
Li’s experience is part of a troubling trend as phishing attacks and social engineering tactics grow more sophisticated across the crypto space. From faked investor meetings to manipulated video calls, hackers are now using deepfake technology and hijacked identities to lure high-level figures into compromising situations.
Security experts are urging industry insiders to double down on verification protocols, avoid downloading unexpected files, and treat every digital interaction—even familiar faces—with caution.
Source: https://coindoo.com/manta-networks-founder-targeted-in-deepfake-zoom-scam-linked-to-lazarus-group/