Fortune Collective co-founder Alex Choi won an X to raise the alarm after becoming a warning story with a crypto exploit that wiped out $1 million from his portfolio.
In his post, Choi revealed that the hackers escaped for a significant amount of money, highlighting the importance of thorough research and property protection, and acknowledging that the exploits are ultimately a side effect of his self-satisfaction.
I’ve run out at $996,000🧵
I’m honestly still dealing with what this happened and even writing it feels totally unrealistic.
I looked into the last 24 hours and wiped out all my devices and moved files.
Some of me were considering whether I should…pic.twitter.com/cwgddgg1vn
– Alexander Choi (@notalexchoi) September 6, 2025
What happened to Alex Choi from Fortune Collective?
Choi posted a thread describing his video phishing exploits, making it clear that he did not seek sympathy, but emphasized the importance of vigilance regardless of his experience in the crypto space.
In terms of experience, Choi may be considered a veteran.
“It started with this account x.com/sparktokensol (please do not interact with links on this page),” he writes.
Every coin has a community page, and this particular page even had engagement from some of his common people with Choi, including his friend who is $Spark Whales.
I then contacted my account and scheduled the meeting. After the first meeting, Choi relaxed even more despite checking his wallet to make sure Goofy hadn’t happened. Everything was going well and he claimed he had not accepted permission during the meeting.
Two days after the first meeting, Choi jumped on another call to his account, but once again everything went smoothly. He met some people, learned their backstory and even said he was buttered about his tribute and how they wanted to work with him.
Cole ended with Choi’s trust even more. However, two days later, while chatting with a friend about his trip, Choi gets a warning that he told him that his money was moving.
By the time he rode his PC and looked through his wallet, he realized that the bad actor had moved almost a million dollars.
After the initial shock was cut off, Choi did more research that he should have done before joining the account. At that time, he realized that his account had a history of bot’s followers and suspicious handles, all the red flags that would have scared him if he had done more than a surface level study when the account first reached for him.
“The lesson you’ve learned is that you can never read the surface of a code. Do your own research first, regardless of the interplay you have,” writes Choi.
He also advised from joining all sorts of third-party calls on apps such as Microsoft Teams, Zoom, Google Meet and more. One red flag pointed out by the founder was that bad actors insist on holding a meeting.
Hackers are currently working heavily on social engineering.
Over the past few months, cybercriminals have devised ways to leverage people’s trust in productivity tools such as Calendly and Google Meet.
Their process usually involves sending invitations that lead to malicious Zoom extension downloads, which compromises user systems. Victims of such schemes may notice abnormal Zoom behavior, new browser extensions they did not install, and unauthorized access to their accounts as a sign of infection.
One form of attack starts with a telegram message containing a Calendly link and is redirected to a fake Google Meet event. So the victim is asked to download the Trojan Horse Zoom Extension, which is supposed to fix the audio issue.
While troubleshooting continues, the extension will give you control of hackers and access to the victim’s system, allowing you to extract information and funds.
It is important to note that these schemes almost always rely on social engineering to attract you. In the case of Choi, it was X’s DM for the project he has some links.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
