A social engineering campaign is abusing Zoom’s remote control feature to take control of victims’ computers and install malware, according to researchers at security firm Trail of Bits.
The operation targeted Trail of Bits’ CEO, who recognized it as malicious and didn’t fall for the attack. The researchers have attributed the campaign to the ELUSIVE COMET threat actor.
“Two separate Twitter accounts approached our CEO with invitations to take part in a ‘Bloomberg Crypto’ series—a scenario that immediately raised red flags,” the researchers explain.
“The attackers refused to communicate via email and directed scheduling through Calendly pages that clearly weren’t official Bloomberg properties. These operational anomalies, rather than technical indicators, revealed the attack for what it was. The ELUSIVE COMET methodology mirrors the techniques behind the recent $1.5 billion Bybit hack in February, where attackers manipulated legitimate workflows rather than exploiting code vulnerabilities.”
Once a victim joins the Zoom meeting, the attacker requests permission to take control of the victim’s computer. Notably, the attacker changes their display name to “Zoom,” so the request looks as if it’s coming from the application.
The researchers outline the following attack flow:
- “The attacker schedules a seemingly legitimate business call.
- During screen sharing, they request remote control access.
- They change their display name to ‘Zoom’ to make the request appear as a system notification.
- If granted access, they can install malware, exfiltrate data, or conduct cryptocurrency theft.”
While this campaign used Zoom, the same tactic would work with many other remote meeting platforms. New-school security awareness training can teach your employees to recognize red flags associated with social engineering attacks.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Trail of Bits has the story.