coinedition.com
A crypto developer came within seconds of a serious security breach this week after fraudsters used artificial intelligence to impersonate a senior Cardano Foundation executive on a live video call, deploying deepfake video and voice technology convincing enough to fool someone who had spoken with the real person before.
The developer, known online as big pey, said the attack began when a message arrived through an account he had previously communicated with, appearing to be from Pierre Kaklamanos, Head of Digital Assets Adoption at the Cardano Foundation. The request was for a catch-up call about a project. Pey agreed and joined a Microsoft Teams link included in the invite.
On the call, he saw Kaklamanos’s face, heard his voice, and observed two other apparent Cardano Foundation staff members. Nothing raised immediate suspicion.
How It Unfolded
Partway through the call, the connection began lagging. A prompt appeared stating that Pey’s Teams software required an update to be installed through the Microsoft Terminal. He ran the command. His laptop battery died at that moment, cutting the machine off before anything further could execute. That timing may have been the difference between a near miss and a serious breach.
When Pey followed up, suggesting the call resume on Google Meet, the person responding said they had gotten busy and asked to reschedule. The exchange prompted Pey to investigate. He concluded that the face, voice, and other participants on the call had all been artificially generated. The original account used to make contact had been compromised.
“As someone who is quite technically savvy, I just got cooked,” Pey wrote on X.
Industry Response
Binance co-founder Changpeng Zhao, known as CZ, amplified the warning to his own followers within hours, describing it simply as a hack people need to watch out for.
Responses to Pey’s post revealed the attack was not isolated. Multiple users described near-identical attempts, several involving hacked Telegram accounts paired with Calendly meeting links. One person reported suffering a financial loss before identifying the scheme.
What Made It Effective
An expert who commented on the incident distilled the defense into two rules: never download software because someone on a call instructs you to, and never run a command in your terminal that originates from an unsolicited or unverified source, regardless of who appears to be asking.
The Cardano Foundation had not issued a public statement on the incident at the time of publication.
Related: CZ Warns Video Verification ‘Out the Window’ After Deepfake Scam Hits Analyst