BlueNoroff

Incidents involved as Deployer

Incidente 11171 Reporte
North Korea-Linked Actors Allegedly Use AI Executive Deepfakes in Zoom Phishing Targeting Web3 Employee

2025-06-22

An alleged phishing scheme involving actors linked to North Korea used purported AI-generated deepfake videos of company executives to deceive a Web3 employee during a fake Zoom call. The target was reportedly tricked into installing macOS malware disguised as a "Zoom extension," leading to the deployment of spyware, a keylogger, and a crypto wallet stealer. The attackers reportedly used Telegram and spoofed Zoom domains to orchestrate the breach.

BlueNoroff

Incidents involved as Deployer

Incidente 11171 ReporteNorth Korea-Linked Actors Allegedly Use AI Executive Deepfakes in Zoom Phishing Targeting Web3 Employee

Related Entities Entidades relacionadasOtras entidades que están relacionadas con el mismo incidente. Por ejemplo, si el desarrollador de un incidente es esta entidad pero el implementador es otra entidad, se marcan como entidades relacionadas.

Entidades relacionadas

North Korea

Incidents involved as Deployer

Lazarus Group

Incidents involved as Deployer

Unknown voice cloning technology developer

Incidents involved as Developer

Unknown deepfake technology developer

Incidents involved as Developer

Zoom

Afectado por Incidentes

Incidents implicated systems

Web3

Afectado por Incidentes

Unnamed Web3 employee

Afectado por Incidentes

macOS users

Afectado por Incidentes

Cryptocurrency infrastructure

Afectado por Incidentes

Unknown voice cloning technology

Incidents implicated systems

Unknown deepfake technology

Incidents implicated systems

Telegram

Incidents implicated systems

macOS

Incidents implicated systems

Cryptocurrency wallets

Incidents implicated systems

Incidente 11171 Reporte
North Korea-Linked Actors Allegedly Use AI Executive Deepfakes in Zoom Phishing Targeting Web3 Employee

Related Entities