This time they didn’t even bother using deepfake, just "real old footage on loop" + fake meeting link, and they pressed a group of crypto bigwigs to the ground.
If you don’t change your security plan after watching this, you’ll be the next trending search.
Scam tactics 5.0 flowchart (recommended to memorize)
1️⃣ Hacked into a major Telegram account
Investor and media KOL accounts change hands overnight, chat records fully inherited
2️⃣ "Old acquaintance" is calling you for a meeting
Zoom / Teams calendar invites sent in seconds, domain only one letter off, hard to discern with the naked eye
3️⃣ Video conference = recorded horror movie
The "real person" on the other side is actually a loop of old podcast footage, lips don’t match? — "Just network lag"
4️⃣ 'Can't hear me? Quickly install this SDK patch!'
One click, RAT Trojan instantly moves in, remote desktop + wallet files + browser cookies packed and uploaded in one go
5️⃣ At 3 AM, your wallet starts making transfers on its own
30 minutes to empty, on-chain mixing coins, North Korean address, want to chase? No way
Psychological trick: Business etiquette = the most convenient Trojan horse
It's awkward to turn off the camera during the meeting
It's awkward to refuse the 'patch'
Awkward to confirm identity again
What others play is your 'sorry' — professional ethics instantly turn into a killing knife!
Data is more chilling: In the past year, North Korean groups have siphoned off 20 billion USD in digital assets
Bybit, Ronin, Atomic are just the tip of the iceberg; 1-on-1 meetings with executives are the latest blood bags.
Don't want to make headlines? Immediately stuff your lifeline into @Lorenzo Protocol
What is Lorenzo?
In a word: 'Break the private key into fragments, making it impossible for hackers to piece together' decentralized custody layer.
Lorenzo Prevent North Korean Scams 3 Combos
1️⃣ MPC threshold signature + biometric key
The private key has never appeared completely; device + fingerprint + face 3 out of 2 must be met, RAT can see through the screen but can't steal
2️⃣ One-click freeze for 'meeting mode'
Detected Zoom/Teams process & download behavior → Automatically lock large transfers, 30 minutes cooling-off period, enough for you to verify the authenticity of colleagues
3️⃣ Zero-knowledge backdoor alert
Trojan changes system time? Secretly screenshots? Lorenzo node immediately sends anonymous alerts, one-click remote wipe of local fragments, hackers leave with an empty shell
More explosive: Lorenzo wrote 'insurance' on the chain
Theft triggers a 100% compensation smart contract, source of funds: node collateral + insurance pool
Compensation records are traceable on-chain, 0 manual approval, block time for arrival
Even if North Korean hackers steal again, they are 'recharging' the entire network — the more they steal, the fuller the pool
Executives can grasp the process in seconds (30 seconds to read)
① Install Lorenzo Guard on the computer
② Bind mobile biometric identification
③ Change the company hot wallet policy to '≥100,000 USD must have Lorenzo threshold signature'
④ Continue the meeting, click on links casually — without a second device + fingerprint, not a single coin can be transferred out
Conclusion: Don't lose billions in 'sorry'
The script of North Korean hackers has upgraded to 'real person recording loop', no matter how sharp your eyesight is, you can't prevent it
Business etiquette is humanity, code insurance is rigidity — use @LorenzoProtocol to turn 'sorry' into 'impossible'
Before the next fake meeting starts, wrap money bags with Lorenzo so that even after the Trojan downloads, it can only stare blankly at an empty shell!
Forward and @ partners still using single-key private keys
When he gets robbed of 8 figures, you'll come back to thank this tweet.
