Google-owned Mandiant Cybersecurity Consulting firm has published a report detailing the modus operandi of the North Korea-based UNC1069 threat actors, who specifically target entities in the cryptocurrency and decentralised finance industry. The hackers take out ClickFix scams using social engineering tactics. A victim is first contacted via Telegram, where they are sent a link to a fake Zoom meeting. After joining the meeting, the hackers play AI-generated deep fake videos of known personalities to gain their trust, in turn infecting their systems with malware families.