North Korea-Linked Actors Allegedly Use AI Executive Deepfakes in Zoom Phishing Targeting Web3 Employee

June 22, 2025

In this incident, North Korean actors used deepfake technology, allegedly generated by AI, to deceive a Web3 employee during a fake Zoom call. The target was tricked into downloading macOS malware disguised as a 'Zoom extension', which led to the deployment of spyware, a keylogger, and a crypto wallet stealer. The attackers reportedly used Telegram and spoofed Zoom domains to orchestrate the breach, which illustrates the risks posed by ungoverned AI practices.

This incident underscores the importance of Project Cerebellum's efforts in establishing guardrails for trustworthy AI.

For those interested, this incident maps to HISPI Project Cerebellum TAIM, specifically the 'Govern' function, emphasizing the need for robust AI governance frameworks.

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment).

Alleged deployer
north-korea, lazarus-group, bluenoroff, government-of-north-korea
Alleged developer
unknown-voice-cloning-technology-developers, unknown-deepfake-technology-developers
Alleged harmed parties
zoom, web3, unnamed-web3-employee, truth, national-security-and-intelligence-stakeholders, macos-users, epistemic-integrity, cryptocurrency-infrastructure

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1117

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.