Crypto CEO Loses $100,000 in Zoom Hack by ELUSIVE COMET
Emblem Vault CEO Jake Gallen has issued a warning to the cryptocurrency community about the risks of using the video conferencing platform Zoom. Gallen, who is also a podcaster and NFT collector, disclosed on April 11 that he had suffered a "complete computer compromise," resulting in the theft of over $100,000 worth of Bitcoin (BTC) and Ether (ETH) from his various wallets.
The scam was orchestrated by a threat actor known as "ELUSIVE COMET," who used sophisticated social engineering tactics to deceive Gallen into installing malware during a Zoom call. The attacker posed as a verified X account claiming to be the founder and CEO of Fraction Mining, a company known as "Tactical Investing." During the interview, the scammer kept their own camera off while Gallen's screen was shared, which allowed them to install the malware "GOOPDATE." The malware stole Gallen's credentials and was used to access his crypto wallets.
Gallen has been collaborating with cybersecurity firm The Security Alliance (SEAL) to monitor the ongoing campaign against crypto users by ELUSIVE COMET. According to SEAL, the threat actor has been responsible for "millions of dollars in stolen funds" and operates under the guise of Aureon Capital, a purportedly legitimate venture capital firm. The firm's carefully engineered backstory poses a significant risk to users, who may be deceived into believing they are interacting with a legitimate entity.
The scam was facilitated by Zoom's default settings, which allow meeting participants to request remote control of another participant's screen. Gallen and other NFT collectors have advised users in the crypto industry to disable this feature to prevent unauthorized access to their computers. SEAL security researcher Samczsun confirmed that while Zoom does allow participants to request remote control access, the request alone grants nothing: the victim must still be socially engineered into approving it.
Gallen also revealed that the attackers were able to access his Ledger wallet, despite him having logged in only a few times over the past three years and never having stored the password digitally. The attackers also attempted to use Gallen's compromised X account to lure other victims through private messages. Gallen's experience serves as a cautionary tale for the cryptocurrency community, highlighting the importance of vigilance when using video conferencing platforms and interacting with unknown entities.
Gallen's warning underscores the need for heightened security measures within the cryptocurrency community. The incident highlights the vulnerabilities that can be exploited through social engineering and the importance of being cautious when granting remote access during video conferences. Users are advised to disable remote access features and be wary of unknown entities, especially those claiming to be from legitimate firms.
The threat actor "ELUSIVE COMET" has demonstrated a high level of sophistication in their tactics, using carefully engineered backstories and social engineering to deceive victims. The incident serves as a reminder that even experienced users in the cryptocurrency community can fall victim to such scams. It is crucial for users to stay informed about the latest security threats and take proactive measures to protect their digital assets.
