Cybercriminals Exploit Zoom’s Remote Control Feature to Install Malware

Cybercriminals are abusing Zoom's built-in remote control feature to install malware on victims' computers. The method, which cybersecurity researchers have called the "Zoom remote control attack", relies on social engineering rather than a software vulnerability: the victim is talked into granting the attacker control of their machine through a legitimate Zoom prompt. Several victims have already suffered significant financial losses.

The technique was recently highlighted by The Security Alliance (SEAL), a nonprofit focused on improving security in the cryptocurrency and decentralized finance sectors. According to SEAL, the group behind the campaign is tracked as ELUSIVE COMET. It maintains a veneer of legitimacy through polished websites and active social media profiles for front brands including Aureon Capital, Aureon Press, and The OnChain Podcast.

Victims are typically contacted via Twitter direct messages or email and invited to appear on a podcast. Once on the Zoom call, the attackers ask the victim to share their screen. Remote control can only be requested from a participant who is sharing, so this step is what opens the door: the attacker then sends a remote control request, which Zoom displays to the victim as a permission prompt that can easily be mistaken for a system notification. Jake Gallen, CEO of Emblem Vault, lost approximately $100,000 to this tactic after inadvertently granting remote access to his device; he said he was not even aware of having granted such permission during the call.

Cybersecurity specialists, including Andrew Mills of Trail of Bits, have noted that many victims approve the remote control request without grasping what it does. Mills described how the attackers change their Zoom display name to "Zoom", so that the prompt appears to read as though the application itself, rather than another participant, is asking for control of the victim's screen. Once granted, the attacker has mouse and keyboard control of the machine and can install malware or drain wallets directly. For high-security environments he argued that removing the Zoom client entirely is the most effective preventative measure; as a lesser precaution, users and account administrators should disable remote control in Zoom's settings so that the request can never be presented.
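To make "disable remote control in settings" something an administrator can verify across an organization rather than trust each user to click, the following added example (not code from the article, Trail of Bits, or Zoom) audits Zoom user settings and builds the update that turns the option off. It reads the JSON shape that Zoom's REST API returns for `GET /users/{userId}/settings` and accepts for `PATCH /users/{userId}/settings`; the field path `in_meeting.remote_control`, the base URL, and the bearer-token authentication are assumptions taken from the Zoom API reference and should be checked against the current documentation before use. The sample users are constructed for the demonstration.

```python
"""Audit Zoom user settings for the in-meeting remote control option.

Hypothetical audit script, not Zoom's code. Assumptions (verify against the
Zoom API docs): GET /users/{userId}/settings returns a JSON object with
in_meeting.remote_control (bool), and PATCH to the same path with
{"in_meeting": {"remote_control": false}} turns the feature off.
"""
from __future__ import annotations

import json
import urllib.request
from typing import Any

ZOOM_API = "https://api.zoom.us/v2"  # assumed base URL


def remote_control_enabled(settings: dict[str, Any]) -> bool:
    """True if these settings still allow another participant to request
    remote control. A missing key is reported as enabled so that an
    unexpected response shape is flagged for review rather than ignored."""
    in_meeting = settings.get("in_meeting")
    if not isinstance(in_meeting, dict):
        return True
    return bool(in_meeting.get("remote_control", True))


def disable_remote_control_patch() -> dict[str, Any]:
    """Body for PATCH /users/{userId}/settings that disables remote control."""
    return {"in_meeting": {"remote_control": False}}


def audit(users: list[dict[str, Any]]) -> list[str]:
    """Return the ids of users whose settings still allow remote control.
    Each entry is {"id": ..., "settings": <GET settings response>}."""
    return [u["id"] for u in users if remote_control_enabled(u["settings"])]


def fetch_settings(token: str, user_id: str) -> dict[str, Any]:
    """GET the user's settings from the Zoom API (network call)."""
    req = urllib.request.Request(
        f"{ZOOM_API}/users/{user_id}/settings",
        headers={"Authorization": f"Bearer {token}"},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def disable_remote_control(token: str, user_id: str) -> int:
    """PATCH the user's settings to disable remote control; returns HTTP status."""
    req = urllib.request.Request(
        f"{ZOOM_API}/users/{user_id}/settings",
        data=json.dumps(disable_remote_control_patch()).encode(),
        headers={
            "Authorization": f"Bearer {token}",
            "Content-Type": "application/json",
        },
        method="PATCH",
    )
    with urllib.request.urlopen(req) as resp:
        return resp.status


# Constructed sample data in the shape of GET /users/{userId}/settings.
SAMPLE_USERS = [
    {"id": "u-alice", "settings": {"in_meeting": {"remote_control": True}}},
    {"id": "u-bob", "settings": {"in_meeting": {"remote_control": False}}},
    {"id": "u-carol", "settings": {"in_meeting": {}}},  # key absent: flag it
]

if __name__ == "__main__":
    for user_id in audit(SAMPLE_USERS):
        print(f"{user_id}: remote control still enabled; would send "
              f"{json.dumps(disable_remote_control_patch())}")
```

In a real run, replace `SAMPLE_USERS` with the output of `fetch_settings` for each user in the account and call `disable_remote_control` for every id that `audit` returns. Treating an absent field as enabled is deliberate: an audit that silently passes users whose settings it could not interpret would recreate the blind spot the attack exploits.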

This ongoing campaign is a stark reminder that attackers increasingly target people and process rather than software flaws: no exploit was needed, only a convincing invitation and a misleadingly named permission prompt. Organizations need to adapt their defenses to these human-centric attack vectors, including by restricting or removing features such as remote control that hand over the machine with a single click.