What Happened
On April 15, 2026, cryptocurrency wallet provider Zerion published a post-mortem disclosing that DPRK-linked hackers had stolen approximately $100,000 from company-operated hot wallets through an AI-powered social engineering campaign. The attackers compromised employee logged-in sessions, credentials, and the private keys to Zerion's hot wallets. Zerion stated clearly that no user funds, Zerion apps, or core infrastructure were affected. The company disabled its web app as a precaution and opened an investigation. The Security Alliance, an industry consortium that coordinates responses to these attacks, confirmed the methodology matched a broader campaign run by UNC1069, the North Korean threat group Mandiant had documented in detail two months earlier.
The Mandiant report, published February 9, 2026 and titled 'UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering,' described a surgical intrusion against a different FinTech victim using the same playbook. A compromised Telegram account of a real crypto executive. A Calendly link to schedule a 30-minute meeting. A spoofed Zoom call hosted on attacker infrastructure at zoom.uswe05.us. A deepfake video of a known cryptocurrency CEO displayed during the call. A ClickFix social engineering step where the attackers claimed there were audio problems and instructed the victim to run troubleshooting commands for both macOS and Windows. Those commands initiated the infection chain. Seven distinct malware families were recovered from the compromised system.
The Attack Is Not a Smart Contract Exploit
The technical sophistication of Zerion's wallet infrastructure did not fail. No smart contract was exploited. No cryptographic primitive was broken. No node was compromised. The attack surface was a human being on a video call, and the breach point was that human being's trust in what they saw and heard. The victim saw a face they recognized on Zoom. The victim heard what sounded like a familiar voice. The victim was told there was a technical issue requiring a small troubleshooting step. The victim ran the commands. Everything else followed from that single decision.
This is the trust inversion pattern. The protection mechanism is the attack vector. Video calls are supposed to verify identity by letting you see the person you are talking to. Zoom is supposed to be a trusted business tool. Calendly is supposed to route meetings through a legitimate scheduling layer. In this attack, each of those trusted layers is the specific mechanism the adversary uses to build credibility. The victim does not see a phishing email and ignore it. The victim sees a Zoom link from a scheduled Calendly meeting with a known industry executive, clicks through, and participates in a video call with what appears to be a recognizable CEO. The trust is the bait.
Why This Pattern Scales
Google's Threat Intelligence Group has tracked UNC1069's progression toward AI-enabled operations since at least November 2025. The evolution is observable in three stages. Stage one: AI used for productivity, drafting phishing emails, translating lures into target languages, conducting reconnaissance. This is where most threat groups operated in 2024 and early 2025. Stage two: AI used for content generation, creating deepfake images, cloning voices from publicly available audio (earnings calls, podcasts, conference talks), building synthetic personas. Stage three: AI deployed in live active operations, deepfake video and cloned audio used in real time during calls to manipulate targets. UNC1069 is operating at stage three today.
The Mandiant report noted the group has also used Google's Gemini for operational research and tool development. Kaspersky separately reported the overlapping DPRK group Bluenoroff is using GPT-4o to modify images. The SEAL consortium blocked 164 UNC1069 domains between February and April, suggesting a sustained campaign rather than a single operation. This is not one threat actor experimenting with AI. This is a state-sponsored offensive playbook using commodity AI tools at operational scale. The cost per attempt has collapsed. The quality per attempt has risen. The pattern now scales in a way that hardened engineering teams at crypto firms are not structurally prepared for.
What This Means for You
If you self-custody Bitcoin or operate any wallet where private keys live on a machine you use for video meetings, your operational assumption should be that any key-adjacent Zoom call is a potential attack surface. This means three concrete practices. First, out-of-band verification for any meeting that will discuss keys, transfers, custody changes, or anything wallet-related. If someone calls you asking about a wallet operation, confirm through a separate channel you established in advance, by phone, in person, or through a pre-arranged code word. A deepfake cannot pass a verification you built before the attacker had access to your channels.
Second, compartmentalize the machine that signs transactions from the machine that runs video calls. Your signing device should not be the laptop where you take Zoom meetings. Hardware wallets exist for exactly this reason: the signing happens on a device that never touches the internet and cannot be compromised by a ClickFix troubleshooting command on your general-purpose computer. If your workflow currently has you signing transactions on the same machine where you take unplanned video calls with new contacts, that is the single biggest operational change to make this week.
Third, treat unexpected requests for screen-share, troubleshooting commands, or 'audio is broken so let me help you fix it' as malicious by default. This is the ClickFix signature and it is now the delivery mechanism for state-sponsored malware. A legitimate colleague with audio problems does not ask you to run commands on your system. The correct response is to end the call, reach out through a different channel, and reschedule. The social pressure to be helpful in a live meeting is exactly the pressure the attack is designed to exploit.
What to Watch
Watch for additional Zerion-pattern incidents against mid-sized crypto firms. The industry has been warning for two years that social engineering would overtake smart contract exploits as the primary loss vector. 2026 is the year that shift became measurable. Watch SEAL's domain-blocking numbers: 164 in two months is the current trajectory and it implies the operation is funded for the long run. Watch whether major video conferencing providers (Zoom, Google Meet, Microsoft Teams) implement any authenticity signaling for deepfake detection at the platform level. And watch the next DPRK crypto revenue disclosure from the UN Panel of Experts or Chainalysis, because the $2 billion 2025 figure was already a 51% year-over-year increase and the April numbers suggest 2026 will be larger still.