North Korea’s Lazarus Is Targeting Crypto Executives With Zoom Calls
North Korean crypto hackers are taking phishing scams to new levels. Through GhostCall and GhostHire, they now use AI, hacked footage, and realistic impersonations to infiltrate the Web3 space more effectively than ever before.
North Korean crypto hackers are refining a familiar scam. They once relied on fake job offers and investment pitches to spread malware — now their methods are becoming more sophisticated.
Previously, these attacks depended on victims interacting directly with infected files. But tighter coordination among hacker groups has allowed them to overcome this weakness, using recycled video calls and impersonations of Web3 executives to deceive targets.
North Korea — A Crypto Hacking Pioneer
North Korean crypto hackers are already a global menace, but their infiltration tactics have significantly evolved.
Whereas these criminals used to only seek employment in Web3 firms, they’ve been using fake job offers to spread malware more recently. Now, this plan is expanding again.
According to reports from Kaspersky, a digital security firm, these North Korean crypto hackers are employing new tools.
BlueNoroff APT, a sub-branch of Lazarus Group, the most feared DPRK-based criminal organization, has two such active campaigns. Dubbed GhostCall and GhostHire, both share the same management infrastructure.
Novel Tactics Explained
In GhostCall, these North Korean crypto hackers will target Web3 executives, posing as potential investors. GhostHire, on the other hand, attracts blockchain engineers with tempting job offers. Both tactics have been in use since last month at the latest, but the threat has been increasing.
Whoever the target is, the actual scam is the same: they trick a prospective mark into downloading malware, whether it be a phony “coding challenge” or a clone of Zoom or Microsoft Teams.
Either way, the victim only needs to engage with this trapped platform, at which point the North Korean crypto hackers can compromise their systems.
Kaspersky noted a series of marginal improvements, like focusing on crypto developers’ preferred operating systems. The scams have a common point of failure: the victim has to actually interact with suspicious software.
This has harmed previous scams’ success rate, but these North Korean hackers have found a new way to recycle lost opportunities.
Turning Failures into New Weapons
Specifically, the enhanced coordination between GhostCall and GhostHire has enabled hackers to improve their social engineering. In addition to AI-generated content, they can also use hacked accounts from genuine entrepreneurs or fragments of real video calls to make their scams believable.
One can only imagine how dangerous this is. A crypto executive might cut off contact with a suspicious recruiter or investor, only to have their likeness later weaponized against new victims.
Using AI, hackers can synthesize new “conversations” that mimic a person’s tone, gestures, and surroundings with alarming realism.
Even when these scams fail, the potential damage remains severe. Anyone approached under unusual or high-pressure circumstances should stay vigilant—never download unfamiliar software or engage with requests that seem out of place.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitcoin News Today: Bitcoin Whales Take Different Paths: Selling Off or Increasing Holdings as Prices Fall?
- Bitcoin whale Owen Gunden transferred $43.55M BTC to Kraken, following a $290M deposit, amid a 12% price drop from BTC's all-time high. - Another Ethereum whale deposited $7.92M ETH (12,778x ROI) into Kraken, maintaining a $58.73M position at $0.31 cost basis despite market volatility. - Analysts view whale activity as routine portfolio management, noting Gunden's transparent transactions lack directional bias during broader market uncertainty. - Diverging whale strategies emerge: some offload assets whi
Options traders are wagering on C3.ai's price swings as uncertainty looms over the AI industry
- C3.ai shares fell 2.96% to $17.03, extending a three-day decline amid heavy options trading (137.1% of average volume). - The drop mirrored broader tech sector struggles, with Microsoft and Alphabet mixed, while Oracle dropped 6.69% despite positive analyst ratings. - OpenAI's potential IPO and $500B Stargate Project fueled speculation, though legal risks and Microsoft dependency threaten its growth narrative. - Options traders bet on C3.ai's volatility, with put/call strategies offering 7.65%-11.79% ret
Privacy Coins Hit $24 Billion Market Cap as Advancements Surpass Regulatory Efforts
- Privacy coin market hits $24B valuation as Zcash (ZEC) and Monero (XMR) surge 400% and 120.2% in 2025, outpacing broader crypto markets. - Zcash's Halo 2/Orchard upgrades eliminate "trusted setup" risks, attracting $85M+ in institutional investments via products like Grayscale Zcash Trust. - Monero maintains $4.34B market share with mandatory privacy features but faces EU AMLR ban starting July 2027, highlighting regulatory challenges. - Emerging projects like Aleo (ALEO) push privacy-as-a-service models
SHIB Falls by 0.78% as Network Security Enhancements and Market Fluctuations Continue
- SHIB dropped 0.78% on Nov 2, 2025, amid broader market corrections and a 52.22% annual decline despite short-term gains. - Shiba Inu announced Shibarium's RPC migration and security upgrades to enhance decentralization after a September validator key breach. - Technical analysis shows SHIB trading near RSI neutrality with the 200-day moving average as key support amid network upgrades. - A backtest evaluating price impacts failed due to "division by zero" errors in historical data, requiring filtered dat
Trending news
MoreCrypto prices
More
