Gate News: According to the latest Gate TradFi data, ZM (Zoom) has surged by 2% in a short period. Current volatility is significantly higher than recent averages, indicating increased market activity.

Foresight News reports that, according to CertiK monitoring, the privacy gaming project FOOMCASH experienced a vulnerability exploitation event (or white-hat rescue operation) in its lottery contract, involving approximately $1.8 million. The root cause of the vulnerability may be related to its Groth16 verifier setup, allowing attackers to repeatedly collect ZOOM tokens when all other inputs remain the same.

On February 11, news reports revealed that Mandiant, Google's security team, disclosed that a hacker group linked to North Korea is using deepfake videos and fake Zoom calls to carry out highly customized social engineering attacks against the cryptocurrency industry. They are also deploying various malicious programs to steal assets and data. The investigation shows that this operation was launched by the cyber threat group UNC1069. The group has been active since at least 2018 and shifted its focus from traditional finance to the Web3 space after 2023, targeting executives of crypto fintech companies, software developers, and venture capital professionals. The incident began when an industry executive's Telegram account was hijacked. The attackers impersonated the individual to contact targets, build trust, and then sent fake Calendly video meeting invitations.

Google Mandiant Security Team Report States that North Korean hacker group UNC1069 uses AI-generated fake videos and fake Zoom meetings to launch cyberattacks on cryptocurrency and fintech companies, trick victims into running malicious software, and steal important data.

Hacker groups related to North Korea are using AI-generated fake video calls to target cryptocurrency industry professionals, tricking them into installing malware. Through compromised Telegram accounts, attackers conduct multi-stage infections under the guise of "fixing Zoom audio issues" to gain control of devices. Security researchers have attributed this attack to Lazarus Group and are calling on the crypto industry to stay vigilant and strengthen security measures.

Odaily Planet Daily reports that Slow Fog's Yuxian posted on the X platform stating that certain hacker organizations are using worm propagation engineering. After gaining access to Telegram accounts, they contact contacts in both Chinese and English, using methods such as fake Zoom meeting software, malicious code repositories, malicious third-party tools, or gaming software to infect target contacts. After completing coin theft and account hijacking, the hacker organizations proceed to the next round of operations and continuously optimize their worm propagation techniques.