Lazarus Group Strikes Again: 6 Crypto Wallets Drained in Brazen Heist

North Korea's infamous Lazarus Group just pulled off another crypto raid—leaving six digital wallets bone-dry.

How they did it? Classic spycraft meets cutting-edge crypto-jacking. These guys treat blockchain like an ATM with broken security cameras.

While TradFi bankers fret about dress codes, hackers are rewriting finance's rules: steal first, ask questions never. The only compliance here? With their growing offshore accounts.

• A recent hack carried out using a fake Zoom update and theft of crypto assets from six wallets belonging to Medhi Farooq has been linked to the Lazarus Group. 
• The crypto community has responded with support and warnings, highlighting the growing concerns about new phishing tactics involving fake video calls. 

Lazarus Group, a well-known notorious cybercrime organization, has been linked to a recent phishing attack against the former executive at Animoca Brands. Animoca is a blockchain gaming and digital property company.

According to the details shared, this hack caused the former executive, Medhi Farooq, to lose funds from six different crypto wallets. This attack, like every other one linked to the Lazarus Group, shows the rising threat that advanced cyber-criminals continue to make, especially towards crypto funds.

Also Read: Lazarus Group Reportedly Gains $2.51M from Selling WBTC

How Lazarus Group Managed to Drain the Wallets 

The hack started when Farooq got a Telegram message from Alex Lin, someone he considered an acquaintance, asking to catch up. Farooq then innocently sent his Calendly link to set up a meeting. The next day, just before the call, Lin got another message again, saying they needed to switch to Zoom Business for compliance reasons because a mutual contact named Kent WOULD also join. 

According to Farooq, the Zoom meeting looked real, and there was almost no real reason to raise his suspicion. He added that he had seen Kent and Alex, but there was no sound during the call. In the chat, they said there were technical problems and told Farooq to update his Zoom app. 

After he installed the fake update, he saw that six of his crypto wallets and almost half of his life savings were emptied. Later, he found out that Lin’s account had been compromised. The entire setup was eventually linked to Lazarus, a North Korean hacking group.

Many across the crypto community have sympathized with him, offering him different kinds of help and also warning others about the possible dangers their accounts stand to have if they’re not properly protected; others have warned about the recent ‘zoom’ methods cybercriminals use to drain wallets.

More Reading: solana to $250, XRP to $10 in 2025? ChatGPT’s Top Crypto Price Predictions