Crypto CEO loses $100,000 in Zoom hack by elusive Comet malware

Jake Gallen, CEO of NFT platform Emblem Vault, has warned users about a sophisticated cyberattack that led to the loss of over $100,000 in Bitcoin (CRYPTO:BTC) and Ether (CRYPTO:ETH).

The incident began after Gallen participated in a Zoom call arranged as an interview with a verified X account claiming to be a crypto mining CEO.

During the call, the other party kept their camera off while Gallen’s was on, and he was tricked into granting remote access and installing malware named “GOOPDATE.”

This malware stole credentials and drained multiple crypto wallets, including Gallen’s Ledger wallet, despite his limited use and secure password practices.

Gallen described the event as a “complete computer compromise” and has been collaborating with cybersecurity firm The Security Alliance (SEAL) to investigate the ongoing campaign by a threat actor known as “ELUSIVE COMET.”

SEAL reported that ELUSIVE COMET uses advanced social engineering tactics to induce victims into installing malware via Zoom calls, exploiting the platform’s default setting that allows participants to request remote control access.

NFT collector Leonidas confirmed that Zoom’s default remote access feature can enable any participant to take control of a user’s computer if granted permission, urging crypto professionals to disable this setting.

SEAL security researcher Samczsun emphasised that victims must be socially engineered into granting access, highlighting the importance of vigilance during video calls.

The hackers also compromised Gallen’s X account to send private messages aimed at luring additional victims.

SEAL identified ELUSIVE COMET as operating under the guise of Aureon Capital, a purported venture capital firm responsible for millions in stolen funds, using a carefully crafted backstory to gain trust.

Samczsun advised anyone who has interacted with Aureon Capital to contact SEAL’s emergency hotline on Telegram for assistance.

Gallen’s case underscores the risks posed by default remote access settings on video platforms and the need for heightened security awareness in the crypto community.

“Unfortunately, this led to $100k+ in purchased digital assets being lost,” Gallen said, warning others to be cautious when granting remote access during online meetings.

No immediate comment was received from Zoom regarding the security concerns raised by this incident.