
    Social Engineering Campaign Abuses Zoom to Install Malware


    A social engineering campaign is abusing Zoom’s remote control feature to take control of victims’ computers and install malware, according to researchers at security firm Trail of Bits.

    The operation targeted Trail of Bits’ CEO, who recognized it as malicious and didn’t fall for the attack. The researchers have attributed the campaign to the ELUSIVE COMET threat actor.

    “Two separate Twitter accounts approached our CEO with invitations to participate in a ‘Bloomberg Crypto’ series—a scenario that immediately raised red flags,” the researchers explain.

    “The attackers refused to communicate via email and directed scheduling through Calendly pages that clearly weren’t official Bloomberg properties. These operational anomalies, rather than technical indicators, revealed the attack for what it was. The ELUSIVE COMET methodology mirrors the techniques behind the recent $1.5 billion Bybit hack in February, where attackers manipulated legitimate workflows rather than exploiting code vulnerabilities.”

    Once a victim joins the Zoom meeting, the attacker requests permission to take control of the victim’s computer. Notably, the attacker changes their display name to “Zoom,” so the request appears as if it’s coming from the application.

    The researchers outline the following attack flow:

    1. “The attacker schedules a seemingly legitimate business call.
    2. During screen sharing, they request remote control access.
    3. They change their display name to ‘Zoom’ to make the request appear as a system notification.
    4. If granted access, they can install malware, exfiltrate data, or conduct cryptocurrency theft.”

    While this campaign used Zoom, the same tactic would work with many other remote meeting platforms. New-school security awareness training can teach your employees to recognize red flags associated with social engineering attacks.

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Trail of Bits has the story.


    The Security Culture How-to Guide

    Improving the security culture of your organization can seem daunting. This how-to guide will walk you through how to build a step-by-step plan, helping you understand the fundamentals of security culture and what you can do to move the culture needle in your organization.


    You’ll learn:

    • The fundamental ABCs of culture change and how each builds off each other
    • A seven-step cycle for improving your security culture
    • Advice and best practices for making the most out of each step in the process

    Download this guide now!

    Download the Guide


    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/wp-security-culture-how-to-guide

