Moonlock Lab analysts have detected a widespread attack targeting crypto professionals. The attackers pose as investors and hunt for victims via LinkedIn. They compliment projects, propose collaborations, and share links to fraudulent Zoom and Google Meet websites containing viruses. Three bogus funds have been set up — SolidBit Capital, MegaBit, and Lumax Capital — complete with convincing websites and AI‑generated photos of staff members. The modus operandi resembles that of the UNC1069 group, which is linked to North Korea and has been compromising crypto projects since 2018.