About $ 1.35 million was taken from a forgotten Metamasa wallet near a co-founder of Thorchen, when the attackers used a hacked telegram account and a fake zoom meeting, according to the report, to achieve access to their stored keys. The theft was first flagged off the on-chain and was later confirmed by several news outlets and investigators.
Thorchen: Multi-Anterar Scam
Based on the reports, the plan began when a colleague’s telegram was compromised and a malicious meeting link was broadcast. This target appeared as a valid video call, but the feed was fake.
The attackers then exploited access to the victim’s ICloud kitchen and browser profiles to remove private keys tied to an old wallet, which was about $ 1.35 million in Crypto.
$ 1.35m was stolen from a thorchain cofounder. Still another reminder: If your key is stored in a software wallet, then you are performing only a malicious code away from losing everything.
In this case, the victim did not even sign a malicious transaction, the Malware just stolen … pic.twitter.com/nls4nwnfyt
– Charles Guilmet (@P3B7_) September 12, 2025
Investigators and on-chain sleeves chime in
Blockchain investigators quickly detected movements and posted conclusions on social platforms, estimating the visual value with some initial on-chain sleeves for about $ 1.2 million, before the reports later placed near $ 1.35 million.
Analysts flagged off links to actors associated with North Korea based on patterns and pre -behavior, although atribution in such cases may be complex and takes time to confirm.
#PECKSHIELDALERT A @Thorchain User’s individual wallets were exploited, resulting in loss of ~ $ 1.2m pic.twitter.com/R385Brhohuu
– Peckshieldalert (@PEPECKSHILDALERT) September 12, 2025
Safety community issues warning
In the Crypto Security Scene, the leaders warned the industry to treat remote meeting links and suddenly file requests with deep caution.
A senior wallet developer highlighted that stoing private keys in software that syncs for cloud services makes the user weakens if those cloud accounts are accessed by malware or other exploits. After the theft was revealed, that warning was echoed in the developer and security feed.
Thorswap provides reward for recovery of money
Reports have revealed that a related project gave a reward to help recover stolen funds, and community members began to monitor the transactions to identify where the property took.
Public appeals and rewards have become a general community response when large amounts are discontinued and on-chanting points for identifiable wallets.
Extensive patterns of deepfeek and zoom scam
This phenomenon is part of the increasing string of attacks that use fake video calls and copy to trick the target in running malicious code or revealing credentials.
Somewhere else in major cases, the victims cost millions of people, including the earlier story, including Deepfeck and fake calls caused the loss of multi-military at the corporate level.
Security researchers say that criminals are now combining social engineering with AI tools to convince scams.
Image painted by IT Security GuruTradingview chart
Editorial process Focus on giving full research, accurate and fair content for bitcoinists. We maintain strict sourcing standards, and each page undergoes hardworking review by our team of top technology experts and experienced editors. This process ensures the integrity, relevance and value of our content for our readers.
