THORChain Co-Founder Loses $1.35M in North Korea-Linked Telegram Deepfake Scam

JP Thor falls victim to a phishing attack involving a deepfake Zoom call and suspected zero-day exploit, marking a broader trend in crypto-targeted cybercrime.

RUNE

189d ago

Summary

THORChain co-founder JP Thor lost $1.3 million in a phishing attack on September 9, linked to North Korean hackers. The attack involved a hacked Telegram account, a deepfake Zoom call, and a suspected zero-day exploit to access his MetaMask wallet stored in iCloud Keychain. PeckShieldAlert confirmed the loss, and JP offered a 72-hour bounty for the return of the stolen funds. This incident highlights a surge in Telegram scams and rising malware attacks targeting crypto wallets, contributing to the $2.2 billion lost in crypto crime in 2025.

Terms & Concepts

Zero-Day Exploit: A previously unknown software vulnerability exploited by attackers before developers release a fix.
MetaMask: A popular crypto wallet and gateway to blockchain apps that allows users to store and manage cryptocurrency private keys.
Threshold Signature Wallet: A cryptographic wallet system that splits private key control across multiple devices or parties to enhance security.