Google Warns of AI-Powered North Korean Malware Campaign Targeting Crypto, DeFi

Google’s security team at Mandiant has warned that North Korean hackers are incorporating artificial intelligence–generated deepfakes into fake video meetings as part of increasingly sophisticated attacks against crypto companies, according to a report released Monday.

Mandiant said it recently investigated an intrusion at a fintech company that it attributes to UNC1069, or “CryptoCore”, a threat actor linked with high confidence to North Korea. The attack used a compromised Telegram account, a spoofed Zoom meeting, and a so-called ClickFix technique to trick the victim into running malicious commands. Investigators also found evidence that AI-generated video was used to deceive the target during the fake meeting.

“Mandiant has observed UNC1069 employing these techniques to target both corporate entities and individuals within the cryptocurrency industry, including software firms and their developers, as well as venture capital firms and their employees or executives,” the report said.

North Korea’s crypto theft campaign

The warning comes as North Korea’s cryptocurrency thefts continue to grow in scale. In mid-December, blockchain analytics firm Chainalysis said North Korean hackers stole $2.02 billion in cryptocurrency in 2025, a 51% increase from the year before. The total amount stolen by DPRK-linked actors now stands at roughly $6.75 billion, even as the number of attacks has declined.

The findings highlight a broader shift in how state-linked cybercriminals are operating. Rather than relying on mass phishing campaigns, CryptoCore and similar groups are focusing on highly tailored attacks that exploit trust in routine digital interactions, such as calendar invites and video calls. In this way, North Korea is achieving larger thefts through fewer, more targeted incidents.

According to Mandiant, the attack began when the victim was contacted on Telegram by what appeared to be a known cryptocurrency executive whose account had already been compromised. After building rapport, the attacker sent a Calendly link for a 30-minute meeting that directed the victim to a fake Zoom call hosted on the group’s own infrastructure. During the call, the victim reported seeing what appeared to be a deepfake video of a well-known crypto CEO.

Once the meeting began, the attackers claimed there were audio problems and instructed the victim to run “troubleshooting” commands, a ClickFix technique that ultimately triggered the malware infection. Forensic analysis later identified seven distinct malware families on the victim’s system, deployed in an apparent attempt to harvest credentials, browser data and session tokens for financial theft and future impersonation.

Deepfake impersonation

Fraser Edwards, co-founder and CEO of decentralized identity firm cheqd, said the attack reflects a pattern he is seeing repeatedly against people whose jobs depend on remote meetings and rapid coordination. “The effectiveness of this approach comes from how little has to look unusual,” Edwards said.

“The sender is familiar. The meeting format is routine. There is no malware attachment or obvious exploit. Trust is leveraged before any technical defence has a chance to intervene.”

Edwards said deepfake video is typically introduced at escalation points, such as live calls, where seeing a familiar face can override doubts created by unexpected requests or technical issues. “Seeing what appears to be a real person on camera is often enough to override doubt created by an unexpected request or technical issue. The goal is not prolonged interaction, but just enough realism to move the victim to the next step,” he said.

He added that AI is now being used to support impersonation outside of live calls. “It is used to draft messages, correct tone of voice, and mirror the way someone normally communicates with colleagues or friends. That makes routine messages harder to question and reduces the chance that a recipient pauses long enough to verify the interaction,” he explained.

Edwards warned the risk will increase as AI agents are introduced into everyday communication and decision-making. “Agents can send messages, schedule calls, and act on behalf of users at machine speed. If those systems are abused or compromised, deepfake audio or video can be deployed automatically, turning impersonation from a manual effort into a scalable process,” he said.

It’s “unrealistic” to expect most users to know how to spot a deepfake, Edwards said, adding that, “The answer is not asking users to pay closer attention, but building systems that protect them by default. That means improving how authenticity is signalled and verified, so users can quickly understand whether content is real, synthetic, or unverified without relying on instinct, familiarity, or manual investigation.”