{"id":127184,"date":"2025-04-15T05:16:10","date_gmt":"2025-04-15T05:16:10","guid":{"rendered":"http:\/\/cryptospotters.net\/?p=127184"},"modified":"2025-04-15T05:16:10","modified_gmt":"2025-04-15T05:16:10","slug":"crypto-exec-warns-of-elusive-comet-threat-after-losing-75-of-assets","status":"publish","type":"post","link":"http:\/\/cryptospotters.net\/?p=127184","title":{"rendered":"Crypto exec warns of \u2018ELUSIVE COMET\u2019 threat after losing 75% of assets"},"content":{"rendered":"<p>Source: Cointelegraph.com News<br \/>\nThe chief executive of non-fungible token platform Emblem Vault is warning X users to be wary of the video meeting app Zoom after a nefarious threat actor known as \u201cELUSIVE COMET\u201d recently stole over $100,000 of his personal assets.\u00a0<br \/>\nOn April 11, Emblem Vault CEO, podcaster and NFT collector Jake Gallen said on X that he had been battling a \u201ccomplete computer compromise\u201d that ended up with a loss of Bitcoin (BTC) and Ether (ETH) assets from different wallets. 
\u201cUnfortunately, this led to $100k+ in purchased digital assets being lost,\u201d he said.\u00a0<br \/>\nDays later, Gallen said he had been working with cybersecurity firm The Security Alliance (SEAL) to track an ongoing campaign against crypto users by a threat actor identified as \u201cELUSIVE COMET.\u201d<br \/>\nGallen said the scam was facilitated over the video conference platform Zoom, which resulted in his crypto wallet being drained.\u00a0<br \/>\n\u201cWe were able to retrieve a malware file that was installed on my computer during a Zoom call with a YouTube personality of over 90k subs,\u201d said Gallen on April 14.\u00a0<br \/>\nThe malicious actor \u201cemploys sophisticated social engineering tactics with the goal of inducing victims into installing malware and ultimately stealing their crypto,\u201d SEAL reported in late March.<br \/>\nSource: Jake Gallen<br \/>\nGallen said he\u2019d arranged an interview after being contacted by a verified X account with 26,000 followers that claims to be the founder and CEO of a crypto mining platform. However, during the interview, the X user left their screen switched off while Gallen\u2019s was on. 
During the call, Gallen was tricked into enabling the installation of malware called \u201cGOOPDATE,\u201d which stole credentials and accessed his crypto wallets.\u00a0<br \/>\nCointelegraph reached out to the X account for comment.<br \/>\nZoom remote access threat<br \/>\n\u201cFor this scam to take place, it\u2019s said that the guest of the Zoom video call allows remote access to the host of the call, which is a requestable feature that is DEFAULT ON for every Zoom account,\u201d said Gallen.<br \/>\nNFT collector Leonidas confirmed the default settings and advised those in the crypto industry to prevent remote access.\u00a0<br \/>\n\u201cIf you don\u2019t do this, anybody who is on a Zoom call with your employees can take over their entire computer by default,\u201d he said.\u00a0<br \/>\nSource: Leonidas<br \/>\nSEAL security researcher Samczsun told Cointelegraph that Zoom, by default, allows meeting participants to request remote control access. \u201cAt this point in time we believe the victim still needs to be social engineered into granting access,\u201d they said.\u00a0<br \/>\nCointelegraph reached out to Zoom for comments but did not receive an immediate response.\u00a0<br \/>\nRelated: Crypto founders report deluge of North Korean fake Zoom hacking attempts<br \/>\nGallen also stated that the hackers accessed his Ledger wallet even though he had only logged in a few times over the three years and had never written the password down anywhere digitally.\u00a0<br \/>\nThey also hacked his X account in an attempt to lure in other victims through private messages.\u00a0<br \/>\nSEAL reported that ELUSIVE COMET is known to operate Aureon Capital, which claims to be a legitimate venture capital firm. 
The threat actor is responsible for \u201cmillions of dollars in stolen funds\u201d and poses a significant risk to users due to their \u201ccarefully engineered backstory,\u201d the firm noted.\u00a0<br \/>\nSamczsun advised users who have interacted with Aureon Capital to contact SEAL\u2019s emergency hotline on Telegram.\u00a0<br \/>\nMagazine: Bitcoin eyes $100K by June, Shaq to settle NFT lawsuit, and more: Hodler\u2019s Digest<a href=\"https:\/\/cointelegraph.com\/news\/emblem-vault-ceo-loses-75-assets-in-elusive-comet-scam?utm_source=rss_feed&amp;utm_medium=rss&amp;utm_campaign=rss_partner_inbound\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Source: Cointelegraph.com NewsThe chief executive of non-fungible token platform Emblem Vault is warning X users to be wary of the video meeting app Zoom after a nefarious threat actor known&hellip; <\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/127184"}],"collection":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=127184"}],"version-history":[{"count":0,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/127184\/revisions"}],"wp:attachment":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=127184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=127184"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cryptosp
otters.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=127184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}