Hypersphere investment partner Mehdi Farooq revealed on Thursday that he lost most of his life savings in a meticulously planned targeted phishing attack conducted through a fake Zoom call.

In a post on the X platform, Mehdi explained that the attack began when he received a message on Telegram from someone he knew, Alex Lin. “He wanted to catch up,” Mehdi recalled.

The two had interacted before, so the contact seemed normal. Mehdi then shared his Calendly link with Lin, who scheduled a meeting for the next day.

Just minutes before the scheduled call, Lin requested to switch to Zoom Business “for compliance reasons,” adding that one of his limited partners, Kent—another name familiar to Mehdi—would also join. Since Mehdi had been managing fund transactions, this request did not raise any suspicions.

Mehdi stated that after joining the scheduled Zoom call, he found there was no sound, even though the screen showed two participants. In the chat, they instructed him to update Zoom to resolve the issue. Shortly after running the update, his system was compromised.

“Six wallets were emptied (my own mistake for not having tighter security). My laptop was completely taken over,” he wrote.

Mehdi added that during the attack, the impersonator continued chatting on Telegram as if nothing had happened. “He even joked, ‘Let’s meet in Singapore to talk.’” Ultimately, the hacker emptied “years of savings” in just a few minutes.

He later discovered that the real account of Alex Lin had been hijacked. According to Mehdi, this attack was linked to a North Korean-related threat actor known as “dangrouspassword.”

Earlier this year, Mehdi joined Hypersphere as an investment partner, focusing on liquidity and venture capital opportunities. Prior to this, he worked at Animoca Brands for nearly three years.

Cointelegraph has reached out to Mehdi for comment but had not received a response by the time of publication.

This leak comes at a time when phishing tactics targeting crypto professionals are becoming increasingly sophisticated.

Last month, BitGo CEO Mike Belshe revealed that scammers impersonating hardware wallet manufacturer Ledger were mailing fake letters to crypto users via the United States Postal Service (USPS), urging them to “verify” their wallets or risk restricted access to their funds. The QR codes included in these letters likely led to phishing websites.

In April of this year, on-chain detective ZackXBT confirmed that an elderly person lost $330 million worth of Bitcoin (BTC) in a phishing attack.

Related: The myth of cold wallet security shattered? $6.9 million in assets stolen, warning of new risks in the crypto world.

Original: “Crypto VC partner loses ‘life savings’ in fake Zoom call”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。