Manta Founder Targets of Sophisticated Lazarus Group Phishing Attack
Manta Network Founder Targeted in Lazarus Group Phishing Attack
Manta Network co-founder, Kenny Li, recently revealed a highly sophisticated phishing attempt targeting him via Zoom. The attack, which Li believes was orchestrated by the North Korean state-sponsored Lazarus Group, employed incredibly realistic tactics.
The Zoom meeting appeared genuine; the attacker used live video recordings of real people known to Li. However, the lack of audio and a suspicious prompt to download a script immediately raised red flags. Li wisely exited the meeting and subsequently contacted the alleged individuals via Telegram to verify their identities. The attackers promptly deleted their messages and blocked Li.
A Highly Realistic Attack
Li emphasized the realism of the attack, stating the video quality was indistinguishable from a typical webcam feed, suggesting the use of previously recorded footage rather than AI-generated content. He confirmed that the accounts of the individuals impersonated had been compromised.
Li's quick thinking allowed him to screenshot portions of the conversation before it was deleted, revealing an attempt by the attacker to have him switch to Google Meet. This strategic move further demonstrated the sophistication of the attack.
Key Warning Signs and Protective Measures
- Never download unsolicited files: This includes software updates, attachments, apps, or any other files requested during unexpected online interactions.
- Verify identities through alternative channels: If something seems amiss, immediately reach out to the individual through a verified method (like a previously known phone number or email address) to confirm their identity.
- Be mindful of mental fatigue: Hackers often exploit busy schedules and mental fatigue to trick individuals into making hasty decisions.
Li's experience highlights a growing threat to crypto executives. The Lazarus Group's ability to leverage high-quality video recordings emphasizes the need for heightened security awareness within the blockchain industry.
Codeum: Protecting the Blockchain Ecosystem
At Codeum, we understand the critical need for robust security in the blockchain space. We provide comprehensive security solutions including smart contract audits, KYC verification, custom smart contract and DApp development, tokenomics and security consultation, and partnerships with launchpads and crypto agencies. Contact us to learn how we can help safeguard your project.
Similar Incidents Reported
Li's case wasn't isolated. Other members of the crypto community reported receiving similar phishing attempts, further emphasizing the scale and organization of this attack vector.
Stay vigilant and protect yourself against these increasingly sophisticated attacks.