Summary: A hacking group called ‘Elusive Comet’ targets cryptocurrency users through social engineering attacks that exploit Zoom’s remote control feature. They use fake accounts to invite high-value targets to a fraudulent interview, leading victims to unknowingly grant remote control access to their machines. This attack methodology is similar to the $1.5 billion Bybit breach, with the perpetrators employing deceptive tactics that take advantage of users’ familiarity with Zoom prompts.
Affected: Cryptocurrency users and organizations
Key points:
- Elusive Comet utilizes social engineering tactics to infiltrate systems via Zoom.
- Fake interview invitations are sent through authentic-looking communications, lowering suspicions.
- Attackers manipulate users into granting remote control, allowing for data theft and potential installation of malware.
- The methodology is reminiscent of the Lazarus hacking group’s actions during the Bybit heist.
- Recommendations include removing Zoom from sensitive environments to mitigate risks.