The chief executive of non-fungible token platform Emblem Vault is warning X users to be wary of the video meeting app Zoom after a nefarious threat actor known as “ELUSIVE COMET” recently stole over $100,000 of his personal assets.
On April 11, Emblem Vault CEO, podcaster and NFT collector Jake Gallen said on X that he had been battling a “complete computer compromise” that ended up with a loss of Bitcoin (BTC) and Ether (ETH) assets from different wallets. “Unfortunately, this led to $100k+ in purchased digital assets being lost,” he said.
Days later, Gallen said he had been working with cybersecurity firm The Security Alliance (SEAL) to track an ongoing campaign against crypto users by a threat actor identified as “ELUSIVE COMET.”
Gallen said the scam was facilitated over the video conference platform Zoom, which resulted in his crypto wallet being drained.
“We were able to retrieve a malware file that was installed on my computer during a Zoom call with a YouTube personality of over 90k subs,” said Gallen on April 14.
The malicious actor “employs sophisticated social engineering tactics with the goal of inducing victims into installing malware and ultimately stealing their crypto,” SEAL reported in late March.
Source: Jake Gallen
Gallen said he’d arranged an interview after being contacted by a verified X account with 26,000 followers that claims to be the founder and CEO of a crypto mining platform.
However, during the interview, the X user left their screen switched off while Gallen’s was on. During the call, Gallen was tricked into enabling the installation of malware called “GOOPDATE,” which stole credentials and accessed his crypto wallets.
Cointelegraph reached out to the X account for comment.
Zoom remote access threat
“For this scam to take place, it’s said that the guest of the Zoom video call allows remote access to the host of the call, which is a requestable feature that is DEFAULT ON for every Zoom account,” said Gallen.
NFT collector Leonidas confirmed the…
..
