The recent rise in cyber attacks on Zoom users has raised concerns about the security vulnerabilities of the popular video conferencing platform. Threat actors have been exploiting a feature in Zoom that allows participants to grant remote control of their computers, leading to the installation of malware on victims’ devices.
One specific attack, attributed to a threat actor named ELUSIVE COMET by The Security Alliance (SEAL), involves enticing victims to join a Zoom call by inviting them to appear as a guest on a podcast. Once the victim shares their screen during the call, the attacker manipulates the situation to gain remote access to the victim’s computer and installs malware without their knowledge.
The consequences of falling victim to such attacks can be severe, as in the case of Jake Gallen, CEO of Emblem Vault, who reportedly lost $100,000 and control of his accounts after his computer was compromised. Other high-profile individuals, including the CEO of Trail of Bits, have also been targeted but avoided compromise because the attackers’ behavior raised suspicion.
One of the key aspects of these attacks is the deception employed by the threat actors to trick victims into granting remote control. By masquerading as legitimate entities or using tactics to imitate system notifications, the attackers create a false sense of security that leads victims to inadvertently give access to their computers.
To mitigate the risks associated with these attacks, users are advised to be cautious when granting permissions during Zoom calls and to disable the remote control feature in their Zoom settings. Additionally, organizations handling sensitive information, such as cryptocurrency, are urged to consider removing Zoom from their systems entirely.
As cybersecurity threats continue to evolve towards targeting operational security rather than technical vulnerabilities, it becomes crucial for individuals and organizations to adapt their defensive strategies accordingly. By staying informed and proactive in addressing human-centric attack vectors, such as the ELUSIVE COMET campaign, users can better protect themselves from falling prey to malicious actors.
In light of these developments, it is essential for users to remain vigilant and prioritize security measures in their use of online platforms like Zoom. By taking proactive steps to safeguard their digital assets and information, individuals can reduce the risk of becoming victims of remote control attacks and other cyber threats.

