JP, co-founder of THORChain and Vultisig, reportedly lost around US$1.35 million in cryptocurrency.
The attack was a multi-stage scam involving:
- A hacked Telegram account of a friend, which was used to send a fake Zoom link.
- A deepfake Zoom call (video impersonation) to make the setup appear legitimate.
- A suspected zero-day exploit or malware that allowed attackers access to private keys stored in iCloud Keychain and an old, forgotten MetaMask wallet.
Key Details
| Detail | Information |
|---|---|
| Amount lost | Approx. US$1.35 million |
| Wallet type | Old MetaMask wallet that was “forgotten” but still had staked/held funds; private keys stored in iCloud Keychain |
| Hackers suspected | Reportedly linked to North Korean actors. |
| Protocol / Vultisig security | The Vultisig wallets (multi-signature) were not compromised; only single-key wallet components were breached. (CryptoRank) |
Why This Matters
- Deepfake and conference call scams are getting more sophisticated; even prominent crypto figures are vulnerable.
- Storing private keys or seed phrases in cloud-linked services (like iCloud Keychain) creates serious risk if those systems are breached.
- Single-key wallets (software wallets) remain a weak link versus multi-sig or threshold signature wallets that distribute trust.
What to Watch Going Forward
- Security experts will likely increase warnings about attacks that combine social engineering, AI tools, and credential or identity spoofing.
- Cryptocurrencies and wallet providers may respond by emphasizing better wallet hygiene: cold storage, multi-sig, minimal key exposure.
- Regulators may take note and push for more mandatory disclosures or better standards for key security.
Conclusion
The THORChain founder deepfake Zoom scam underlines a growing threat landscape in crypto: AI-assisted impersonation, compromised accounts, and overreliance on cloud-based key storage. Though $1.35 million is a large sum, the larger lesson is that even seasoned insiders are not immune. Being proactive with wallet security and skeptical of unexpected digital requests remains crucial.