The CEO of Emblem Vault, a non-fungible token (NFT) platform, is cautioning users about the video conferencing application Zoom, following a damaging cyber attack by a malicious entity referred to as “ELUSIVE COMET” that resulted in a loss of over $100,000 of his personal assets. This incident occurred on April 11.
Jake Gallen, the CEO of Emblem Vault, a podcaster, and an NFT enthusiast, announced that he had fallen victim to a “comprehensive computer breach” which resulted in significant Bitcoin and Ether losses from various wallets. He stated, “Regrettably, this resulted in a loss of more than $100,000 in purchased digital assets.”
Gallen revealed that he had been cooperating with cybersecurity company, The Security Alliance (SEAL), to track down an ongoing scheme targeting cryptocurrency users, orchestrated by the threat actor “ELUSIVE COMET”. He attributed the scam to Zoom, which he claims facilitated the draining of his crypto wallet.
He stated, “We discovered a malware file that was installed on my computer during a Zoom call with a YouTube influencer with over 90k followers”, on April 14. The malevolent entity “uses advanced social engineering tactics to trick victims into installing malware, ultimately pilfering their crypto,” as reported by SEAL in late March.
After being contacted by “Tactical Investing”, a verified account which claimed to be the founder and CEO of Fraction Mining, Gallen set up an interview. During this meeting, Tactical Investing kept their screen off while Gallen’s was on, allowing the installation of malware named “GOOPDATE” that stole his credentials and accessed his crypto wallets.
Gallen has also noted that the attackers were able to infiltrate his Ledger wallet, despite him only having accessed it a few times over three years, and never having digitally written down the password. The hackers also compromised his account in a bid to attract more victims through private messages.
SEAL has reported that “ELUSIVE COMET” is linked to Aureon Capital, which posits itself as a legitimate venture capital firm. The malicious actor is accountable for “millions of dollars in stolen funds” and poses a significant threat to users due to their “carefully crafted backstory”, according to the firm. Users who have interacted with Aureon Capital are advised to contact SEAL’s emergency hotline on Telegram.
