Venus $13 Million Phishing Attack Victim: Attack Linked to Lazarus Hacker, Originated from a Spoofed Zoom Meeting Invitation

BlockBeats News, September 4th: EurekaTrading founder Kuan Sun tweeted to recount how he almost lost $13 million in a phishing attack:

On September 2, 2025, around $13 million in assets in his wallet were almost stolen by the Lazarus hacker group. The security team took emergency action and eventually recovered the funds.

The incident stemmed from what seemed like a normal Zoom meeting invitation but was actually a carefully orchestrated phishing trap. The hackers utilized a "familiar stranger" relationship, deepfake videos, and a forged Rabby plugin to tailor an attack to the victim Venus's position. Under the operation of trusting the fake plugin, a withdrawal was executed, putting the assets at risk of being transferred along with debt.

PeckShield, SlowMist, Venus, and several security teams responded promptly, paused the protocol to investigate risks, and ultimately prevented the funds from being stolen. Hardware wallets are not foolproof; plugin and frontend hijacking still pose risks. Zoom links, upgrade pop-ups, and "familiar stranger" relationships could all serve as attack vectors.