Jake Gallen, CEO of the NFT platform Emblem Vault, lost more than $100,000 in crypto assets after what seemed like a harmless Zoom call turned into a nightmare. What started as a routine business meeting turned out to be a sophisticated hacking operation orchestrated by a cybercriminal group known as "Elusive Comet."

Zoom: A Backdoor for Malware
On April 11, Gallen shared on social media platform X that his system had been fully compromised, resulting in the loss of various cryptocurrencies, including Bitcoin and Ethereum, from multiple wallets.
He later revealed that the breach happened during a Zoom video call, which he had agreed to after being contacted by a verified X account with 26,000 followers claiming to be the CEO of a crypto mining platform.
During the call, Gallen had his camera on while the other participant remained hidden. It was during this meeting that malicious software called GOOPDATE was installed on his computer, allowing the attackers to steal his credentials and gain access to his wallets.

Elusive Comet — A Stealth Threat with a Professional Façade
Following the incident, Gallen began working with cybersecurity firm The Security Alliance (SEAL) to investigate the attack. According to their research, Elusive Comet operates under the disguise of a legitimate VC firm called Aureon Capital, which in reality serves as a front for targeted crypto theft.
SEAL warns that the group uses advanced social engineering tactics to manipulate victims into installing malware or granting system access unknowingly.

Zoom's Dangerous Default Setting
One of the key factors in the attack was Zoom’s remote access feature, which is enabled by default. This means that unless users manually disable it, anyone in the meeting can request access to their system.
Well-known NFT collector Leonidas also raised concerns, urging people in the crypto industry to immediately turn off this setting.
Security researcher Samczsun added that although remote access still requires user approval, attackers often manipulate victims into granting it through deceptive methods.

Hackers Breached Ledger Wallet and X Account
According to Gallen, the hackers even managed to gain access to his Ledger hardware wallet, even though he had only logged into it a few times in three years and had never stored credentials digitally. They also breached his X account and used it to lure additional victims via private messages.
SEAL reports that Elusive Comet has already stolen millions of dollars, using a carefully built network of fake identities and trustworthy-looking brands.

What You Can Do
SEAL urges anyone who has interacted with the purported Aureon Capital to reach out to its emergency security team via Telegram. Key recommendations include:
🔹 Never grant device access during video calls.
🔹 Disable Zoom’s default remote access permissions.
🔹 Be extremely cautious, even when contacted by “verified” accounts.
The crypto space is becoming increasingly dangerous, and modern attacks are more sophisticated than ever. In a world where a single click can cost you everything, vigilance is the most valuable currency.