Security Alliance：朝鲜黑客“假 Zoom”软件攻击已成日常威胁，窃取超 3 亿美元资产

链捕手

Dec 15, 2025

ChainCatcher 消息，网络安全非营利组织 Security Alliance 警告称，他们目前每天都会发现多起由朝鲜黑客发起的诈骗企图，这些攻击通过伪造的 Zoom 会议诱骗受害者上钩。

该诈骗手法是在一场“假 Zoom 通话”中诱导受害者下载恶意软件，从而窃取包括密码和私钥在内的敏感信息。安全研究员 Taylor Monahan 警告称，这一战术已从用户手中掠走超过 3 亿美元的资产。

诈骗通常始于一个 Telegram 账号发来的消息，而该账号往往属于受害者“认识的人”。由于熟人身份，受害者会放松警惕。随后，对话会自然过渡到“通过 Zoom 叙叙旧”的邀请。一旦通话开始，黑客就会假装遇到音频问题，并发送一个所谓的“补丁文件”。当受害者打开该文件时，设备即被植入恶意软件。随后，黑客会以“改天再约”为由结束这场假通话。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2591691916"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2591691916\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2591691916?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-12-15 10:49","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2591691916","market":"hk","top_or_hot":-1,"title":"Security Alliance：朝鲜黑客“假 Zoom”软件攻击已成日常威胁，窃取超 3 亿美元资产","media":"链捕手","content":"<html><body><p>ChainCatcher 消息，网络安全非营利组织 Security Alliance 警告称，他们目前每天都会发现多起由朝鲜黑客发起的诈骗企图，这些攻击通过伪造的 <a href=\"https://laohu8.com/S/ZM\">Zoom</a> 会议诱骗受害者上钩。</p>\n<p>该诈骗手法是在一场“假 Zoom 通话”中诱导受害者下载恶意软件，从而窃取包括密码和私钥在内的敏感信息。安全研究员 Taylor Monahan 警告称，这一战术已从用户手中掠走超过 3 亿美元的资产。</p>\n<p>诈骗通常始于一个 Telegram 账号发来的消息，而该账号往往属于受害者“认识的人”。由于熟人身份，受害者会放松警惕。随后，对话会自然过渡到“通过 Zoom 叙叙旧”的邀请。一旦通话开始，黑客就会假装遇到音频问题，并发送一个所谓的“补丁文件”。当受害者打开该文件时，设备即被植入恶意软件。随后，黑客会以“改天再约”为由结束这场假通话。</p></body></html>","source":null,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Security Alliance：朝鲜黑客“假 Zoom”软件攻击已成日常威胁，窃取超 3 亿美元资产</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nSecurity Alliance：朝鲜黑客“假 Zoom”软件攻击已成日常威胁，窃取超 3 亿美元资产\n</h2>\n\n<h4 class=\"meta\">\n\n\n<a class=\"head\" href=\"https://laohu8.com/wemedia/1041503808\">\n\n\n<div class=\"h-thumb\" style=\"background-image:url(https://community-static.tradeup.com/news/64f0784cc29a0d0070f6e968ef6ec7f5);background-size:cover;\"></div>\n\n<div class=\"h-content\">\n<p class=\"h-name\">链捕手 </p>\n<p class=\"h-time\">2025-12-15 10:49</p>\n</div>\n\n</a>\n\n\n</h4>\n\n</header>\n<article>\n<html><body><p>ChainCatcher 消息，网络安全非营利组织 Security Alliance 警告称，他们目前每天都会发现多起由朝鲜黑客发起的诈骗企图，这些攻击通过伪造的 <a href=\"https://laohu8.com/S/ZM\">Zoom</a> 会议诱骗受害者上钩。</p>\n<p>该诈骗手法是在一场“假 Zoom 通话”中诱导受害者下载恶意软件，从而窃取包括密码和私钥在内的敏感信息。安全研究员 Taylor Monahan 警告称，这一战术已从用户手中掠走超过 3 亿美元的资产。</p>\n<p>诈骗通常始于一个 Telegram 账号发来的消息，而该账号往往属于受害者“认识的人”。由于熟人身份，受害者会放松警惕。随后，对话会自然过渡到“通过 Zoom 叙叙旧”的邀请。一旦通话开始，黑客就会假装遇到音频问题，并发送一个所谓的“补丁文件”。当受害者打开该文件时，设备即被植入恶意软件。随后，黑客会以“改天再约”为由结束这场假通话。</p></body></html>\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4613","symbol_name":"AI应用软件","start_time":0,"source_url":"https://www.chaincatcher.com/article/2229528","article_id":"2591691916","we_media_id":"1041503808","thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2591691916","pubTimestamp":1765766944,"columns":[],"sourceInfo":null,"weMediaInfo":{"media_name":"链捕手","introduction":"链捕手ChainCatcher 成立于 2018 年，是一家领先的中文 Web3 媒体及数据服务商。","home_visible":1,"id":"1041503808","head_image":"https://community-static.tradeup.com/news/64f0784cc29a0d0070f6e968ef6ec7f5"},"summary":" ChainCatcher 消息，网络安全非营利组织 Security Alliance 警告称，他们目前每天都会发现多起由朝鲜黑客发起的诈骗企图，这些攻击通过伪造的 Zoom 会议诱骗受害者上钩。\n\n该诈骗手法是在一场“假 Zoom 通话”中诱导受害者下载恶意软件，从而窃取包括密码和私钥在内的敏感信息。安全研究员 Taylor Monahan 警告称，这一战术已从用户手中掠走超过 3 亿美元的资产。\n\n诈骗通常始于一个 Telegram 账号发来的消息，而该账号往往属于受害者“认识的人”。由于熟人身份，受害者会放松警惕。随后，对话会自然过渡到“通过 Zoom 叙叙旧”的邀请。一旦通话开始，黑客就会假装遇到音频问题，并发送一个所谓的“补丁文件”。当受害者打开该文件时，设备即被植入恶意软件。随后，黑客会以“改天再约”为由结束这场假通话。 ","collect":0,"end_time":0,"defaultTopTitle":"","property":[],"viewcount":null,"language":"zh","relate_stocks":{"BK4613":"AI应用软件","BK4505":"高瓴资本持仓","BK4585":"ETF&股票定投概念","BK4023":"应用软件","BK4548":"巴美列捷福持仓","BK4535":"淡马锡持仓","BK4532":"文艺复兴科技持仓","BK4554":"元宇宙及AR概念","LU1861559042.SGD":"日兴方舟颠覆性创新基金B SGD","ZM":"Zoom","LU1861558580.USD":"日兴方舟颠覆性创新基金B","BK4551":"寇图资本持仓","BK4525":"远程办公概念","BK4528":"SaaS概念","BK4588":"碎股"},"translate_title":"Security Alliance: North Korean hackers' \"fake Zoom\" software attacks have become a daily threat, stealing more than $300 million in assets","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"ZM":1.5},"content_text":"ChainCatcher 消息，网络安全非营利组织 Security Alliance 警告称，他们目前每天都会发现多起由朝鲜黑客发起的诈骗企图，这些攻击通过伪造的 Zoom 会议诱骗受害者上钩。\n该诈骗手法是在一场“假 Zoom 通话”中诱导受害者下载恶意软件，从而窃取包括密码和私钥在内的敏感信息。安全研究员 Taylor Monahan 警告称，这一战术已从用户手中掠走超过 3 亿美元的资产。\n诈骗通常始于一个 Telegram 账号发来的消息，而该账号往往属于受害者“认识的人”。由于熟人身份，受害者会放松警惕。随后，对话会自然过渡到“通过 Zoom 叙叙旧”的邀请。一旦通话开始，黑客就会假装遇到音频问题，并发送一个所谓的“补丁文件”。当受害者打开该文件时，设备即被植入恶意软件。随后，黑客会以“改天再约”为由结束这场假通话。","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}