Zoom Remote Control Feature Exploited in Cryptocurrency Heists
Cybercriminals are leveraging social engineering tactics through Zoom’s remote control function to pilfer cryptocurrency, cybersecurity experts warn.
A sophisticated group of hackers, identified as ‘Elusive Comet,’ is reportedly using Zoom’s remote control capabilities to execute cryptocurrency theft attacks. This method relies heavily on social engineering, bypassing traditional cybersecurity defenses.
According to a recent report by Trail of Bits, the attackers are not exploiting software vulnerabilities but rather manipulating human trust. This approach mirrors tactics observed in other high-profile cybercrimes, highlighting a growing trend in the digital underworld.
Attackers are increasingly targeting human vulnerabilities rather than technical ones, making social engineering a potent weapon in their arsenal.
Trail of Bits Report, 2025
How the Zoom Crypto Scam Unfolds
The ‘Elusive Comet’ group employs a multi-stage attack:
- Impersonation: The attackers masquerade as journalists from reputable news outlets like “Bloomberg Crypto,” contacting potential victims via X (formerly Twitter) or email.
- Enticement: They lure victims with the promise of exclusive interviews conducted over Zoom.
- Remote Access Request: During the Zoom call, they request remote control of the victim’s computer, citing technical difficulties or the need to share specific content. This leverages a legitimate Zoom feature.
- Cryptocurrency Theft: With complete access, the attackers can then pilfer cryptocurrency wallets, often without needing malware or exploiting technical vulnerabilities.
This method imitates tactics used in the recent Bybit hack, where attackers manipulated legitimate workflows instead of exploiting software bugs.
Defense Strategies: Protecting Your Digital Assets
Given the increasing sophistication of these attacks, individuals and organizations must adopt proactive security measures. Here are some essential protection tips:
- Disable Remote Control: Deactivate the Zoom remote control function unless absolutely necessary. Consider alternative methods for collaboration that do not require granting full access to your device.
- Verify Identity: Scrutinize the identity of anyone who contacts you, especially for unexpected interviews or meetings. Independently verify their credentials through official channels.
- Be Wary of Unsolicited Messages: Exercise caution with unsolicited posts or messages claiming to be from reputable organizations. Always verify details through official sources.
- Implement Multi-Factor Authentication (MFA): Enable MFA on all cryptocurrency wallets and exchanges. This adds an extra layer of security, making it considerably harder for attackers to gain unauthorized access. According to recent statistics, MFA can block over 99.9% of account hacking attacks.
- Use Hardware Wallets: Store your cryptocurrency offline in a hardware wallet. This provides a secure environment for storing private keys, protecting them from online threats.
The Broader Context: Cryptocurrency Crime on the Rise
The ‘Elusive Comet’ attacks are part of a larger trend of increasing cryptocurrency crime. According to Chainalysis, cryptocurrency-related crime reached an all-time high in 2024, with billions of dollars stolen through various scams, hacks, and fraud schemes.
This underscores the need for heightened vigilance and robust security practices within the cryptocurrency community. As the value of digital assets continues to grow, so too will the incentives for cybercriminals to target them.
