Emblem Vault CEO Loses $100,000 in Cyberattack During Zoom Call

Jake Gallen, the CEO of the NFT platform Emblem Vault, recently experienced a significant financial loss when he fell victim to a cyberattack during a ZoomZM-- video call. The attacker, posing as the head of a prominent crypto mining company, convinced Gallen to install what appeared to be a routine update tool. This file, later identified as malware named "GOOPDATE," granted the attacker full control over Gallen's system, resulting in the loss of over $100,000 in digital assets.

The malware allowed the hacker to access Gallen's crypto wallets and collect login data stored on his computer. This breach not only compromised his browser-based wallets but also his Ledger hardware wallet, which had barely been used and did not store the password on any device. The depth of the penetration raised significant concerns about the security measures in place.

Following the attack, Gallen's X (formerly Twitter) account was also compromised, and the attacker began sending direct messages to his contacts in an attempt to repeat the scam. This pattern of behavior has been observed in other cases by cybersecurity firm SEAL, which is assisting with the investigation. SEAL has urged victims or anyone approached by the fake venture capital firm Aureon Capital to reach out through its verified Telegram support line.

The method used in the attack highlighted potential vulnerabilities in Zoom's default meeting settings. Gallen noted that the attacker may have used Zoom's remote control feature, which allows participants to request control of another person's screen. This feature is enabled by default, and Gallen had never adjusted these settings. Security experts confirmed that while Zoom allows users to request remote control, the person on the other end must approve it. However, the incident underscored the importance of manually disabling remote access to prevent unauthorized control of devices.

In response to the attack, the crypto community has been warned to remain vigilant and check both software and platform settings before joining video calls or downloading any files. The incident serves as a stark reminder of the evolving threats in the digital landscape and the need for heightened security measures to protect against such sophisticated attacks.