Hackers abuse Zoom remote control feature for crypto-theft attacks
A hacking group dubbed ‘Elusive Comet’ targets cryptocurrency users in social engineering attacks that exploit Zoom’s remote control feature to trick users into granting them access to their machines.
Zoom’s remote control feature allows meeting participants to take control of another participant’s computer.
According to cybersecurity firm Trail of Bits, which encountered this social engineering campaign, the perpetrators mirror techniques used by the Lazarus hacking group in the massive $1.5 billion Bybit crypto heist.
“The ELUSIVE COMET methodology mirrors the techniques behind the recent $1.5 billion Bybit hack in February, where attackers manipulated legitimate workflows rather than exploiting code vulnerabilities,”…
