Bitget CEO Warns of Zoom Phishing & Crypto Kidnapping Threats

In a detailed post on social media platform X, Bitget CEO Gracy Chen exposed a fast-spreading phishing operation. The scheme begins with crypto professionals receiving fraudulent invitations for what appear to be standard business meetings on platforms like Zoom or Microsoft Teams. These invitations are distributed through Telegram channels and linked to counterfeit Calendly scheduling pages designed to look legitimate. According to Chen, once a victim joins the call, the attackers employ social engineering tactics, citing issues like poor audio quality or connection problems.

The criminals then persuade the target to download a file disguised as a necessary “network update” or software development kit (SDK). This file is, in reality, malware engineered to steal passwords and private keys from the victim’s device, providing direct access to their cryptocurrency holdings. Chen highlighted that this method is famously associated with the Lazarus group, an advanced persistent threat (APT) organization reportedly linked to the North Korean regime. The sophistication of the attack underscores a targeted effort to infiltrate the devices of industry professionals.

Chen specifically warned that attackers have begun impersonating Bitget representatives to add a layer of credibility. She pointed to a fraudulent Telegram account using her name and a fake webpage at “calendly.com/bitgetglobal” as examples. Her urgent message advised users to rigorously verify all meeting links, refuse to install any software pushed during unsolicited calls, and immediately report suspicious contacts to security teams. “Spreading the warning could prevent more users from falling victim to similar traps,” Chen stated, emphasizing community vigilance.

Chen’s cybersecurity alert coincided with alarming reports of physical violence against online personalities. Chinese travel blogger Lan Zhanfei went public about being kidnapped in South Africa. According to his account, the kidnappers spent six months preparing the attack, which involved bribing hotel and airport staff, breaking into his room, and forcing him to provide biological samples under threat of death if he did not return to China. Widely shared posts on Weibo, X, and Facebook described Lan as a high-profile influencer known for extreme expeditions, noting he was held for hours, forced to take nude photos, and made to sign debt agreements.

While Chen did not claim Lan’s kidnapping was directly related to cryptocurrency, she explicitly tied the incident to a broader, worrying pattern of targeted crimes against individuals with significant online footprints, which often includes blockchain users. Lan later thanked the Chinese Embassy for intervening and relocating him, with his IP address subsequently showing Chile. This case illustrates how a public digital presence can translate into real-world physical risk, a concern increasingly relevant for visible figures in the crypto ecosystem.

Lan’s ordeal is not an isolated event but part of a troubling trend of crypto-linked violence. In Minnesota, United States, two brothers were charged in September after allegedly holding a family hostage at gunpoint for nine hours and forcing a victim to move $8 million in cryptocurrency. Similarly, French police arrested five suspects in August following the abduction of a Paris man near the Arc de Triomphe. The kidnappers robbed him of a hard drive containing €2 million in Bitcoin. These cases, from the United States to France, demonstrate how traditional criminals are increasingly targeting individuals once their digital asset holdings become known, blurring the lines between cybercrime and physical extortion.

The simultaneous rise of sophisticated digital phishing and brutal physical crimes creates a hybrid threat landscape for the cryptocurrency industry. On one front, professionals must defend against state-level hacking groups like North Korea’s Lazarus, employing social engineering to bypass digital defenses. On another, they must consider the physical security risks that come with public association with valuable digital assets. This dual-threat environment demands a comprehensive security posture that extends far beyond strong passwords and hardware wallets.

The incidents described by Chen and reported globally highlight a critical vulnerability: the human element. Whether it is a professional clicking a malicious link under pressure during a fake meeting or a high-net-worth individual being tracked and targeted in the physical world, attackers are exploiting personal trust and routine behaviors. For companies like Bitget and individuals in the space, this means security protocols must evolve to include rigorous verification processes for all digital communications and heightened awareness of operational and physical security.

Ultimately, the warnings from Bitget’s CEO serve as a crucial reminder. As cryptocurrency adoption grows and asset values climb, they attract not only cybercriminals but also organized crime groups willing to use violence. The industry’s challenge is no longer solely about protecting private keys from remote hackers but also about safeguarding the individuals who hold them from multifaceted threats that span both the digital and physical realms.