One of the victims was the head of the NFT platform Emblem Vault

The Security Alliance uncovers a scheme to hack crypto wallets via Zoom calls

15.04.2025 - 10:50


What’s new? Jake Gallen, the CEO of non-fungible token (NFT) platform Emblem Vault, has revealed that he lost over $100 000 worth of BTC and ETH from several personal wallets after a suspicious Zoom call. Information security experts at The Security Alliance, who studied this and similar incidents, found that the attacker used social engineering techniques to get victims to install malware that empties their crypto wallets.

Source: X.com

What else is known? Jake Gallen claims that the malware appeared on his device after a Zoom interview with the author of a YouTube channel with over 90 000 subscribers. He had previously arranged this interview on X with a user posing as the CEO of a mining platform with 26 000 subscribers.

During the call, Gallen’s camera was turned off, and the attacker tricked the businessman into installing a program called GOOPDATE, which extracted credentials and allowed access to crypto wallets.


Among other things, the hacker gained access to Gallen’s Ledger wallet, even though Gallen had logged in to it only a few times over three years and had never digitally recorded the password anywhere. In addition, the hacker took over the businessman’s X account and began corresponding with other potential victims on his behalf.

As explained by the victim himself, such a scheme is possible when a guest on a call grants remote access to the call’s creator. Although this is a requested feature, it is activated by default in all Zoom accounts.

An NFT collector under the nickname Leonidas has therefore called on all members of the crypto community to disallow remote access in the calling app. “If you don’t do this, anybody who is on a Zoom call with your employees can take over their entire computer by default,” he said.

Source: X.com

For their part, experts at The Security Alliance insist that remote access still requires victim consent and is not provided by default.


However, they revealed that the hacker behind this attack, known as ELUSIVE COMET, runs Aureon Capital, which positions itself as a venture capital firm. The hacker has already stolen millions of dollars’ worth of assets.
