Crypto exec warns of ‘ELUSIVE COMET’ threat after losing 75% of assets
The chief executive of non-fungible token platform Emblem Vault is warning X users to be wary of the video meeting app Zoom after a nefarious threat actor known as “ELUSIVE COMET” recently stole over $100,000 of his pers...
Archive context
Older archive item. Useful for background and entity history, but not a fresh market-moving signal.
The chief executive of non-fungible token platform Emblem Vault is warning X users to be wary of the video meeting app Zoom after a nefarious threat actor known as “ELUSIVE COMET” recently stole over $100,000 of his personal assets.
On April 11, Emblem Vault CEO, podcaster and NFT collector Jake Gallen said on X that he had been battling a “complete computer compromise” that ended up with a loss of Bitcoin (BTC) and Ether (ETH) assets from different wallets. “Unfortunately, this led to $100k+ in purchased digital assets being lost,” he said.
Days later, Gallen said he had been working with cybersecurity firm The Security Alliance (SEAL) to track an ongoing campaign against crypto users by a threat actor identified as “ELUSIVE COMET.”
Gallen said the scam was facilitated over the video conference platform Zoom, which resulted in his crypto wallet being drained.
“We were able to retrieve a malware file that was installed on my computer during a Zoom call with a YouTube personality of over 90k subs,” said Gallen on April 14.
The malicious actor “employs sophisticated social engineering tactics with the goal of inducing victims into installing malware and ultimately stealing their crypto,” SEAL reported in late March.
Source: Jake Gallen
Gallen said he’d arranged an interview after being contacted by a verified X account with 26,000 followers that claims to be the founder and CEO of a crypto mining platform.
However, during the interview, the X user left their screen switched off while Gallen’s was on. During the call, Gallen was tricked into enabling the installation of malware called “GOOPDATE,” which stole credentials and accessed his crypto wallets.
Cointelegraph reached out to the X account for comment.
Zoom remote access threat“For this scam to take place, it’s said that the guest of the Zoom video call allows remote access to the host of the call, which is a requestable feature that is DEFAULT ON for every Zoom account,” said Gallen.
NFT collector Leonidas confirmed the default settings and advised those in the crypto industry to prevent remote access.
“If you don’t do this, anybody who is on a Zoom call with your employees can take over their entire computer by default,” he said.
Source: Leonidas
SEAL security researcher Samczsun told Cointelegraph that Zoom, by default, allows meeting participants to request remote control access. “At this point in time we believe the victim still needs to be social engineered into granting access,” they said.
Cointelegraph reached out to Zoom for comments but did not receive an immediate response.
Related: Crypto founders report deluge of North Korean fake Zoom hacking attempts
Gallen also stated that the hackers accessed his Ledger wallet even though he had only logged in a few times over the three years and had never written the password down anywhere digitally.
They also hacked his X account in an attempt to lure in other victims through private messages.
SEAL reported that ELUSIVE COMET is known to operate Aureon Capital, which claims to be a legitimate venture capital firm. The threat actor is responsible for “millions of dollars in stolen funds” and poses a significant risk to users due to their “carefully engineered backstory,” the firm noted.
Samczsun advised users who have interacted with Aureon Capital to contact SEAL’s emergency hotline on Telegram.
Magazine: Bitcoin eyes $100K by June, Shaq to settle NFT lawsuit, and more: Hodler’s Digest
Why this matters
This cryptocurrency story adds another data point to the current market tape and is useful when read alongside nearby source coverage.
Original source
Read on CointelegraphRelated market context
BNB Chain RWA TVL Hits $5.2B As Tokenized Assets Move Beyond Ethereum
BNB Chain has reached a new high in tokenized real-world assets, with RWA.xyz data showing roughly $5.2 billion in tokenized asset...
France blocks access to Polymarket website due to gambling concerns
France's gambling regulator ANJ has blocked Polymarket access for French users, part of a crackdown spanning over 33 countries on...
BTCC Exchange Q2 2026 Growth Report: TradFi Volumes Triple, 12M Users Reached as Exchange Marks 15 Years
George Town, Cayman Islands, July 17th, 2026, Chainwire BTCC, the world’s longest-serving cryptocurrency exchange, today released...
Coinbase acknowledges distance from crypto-native users, plans to rebuild trust with Base App relaunch
Coinbase relaunches Base App as an 'everything app' for onchain users, offering 3.35% USDC APY and gas sponsorships to rebuild tru...
ConsenSys inadvertently hired North Korean operative who accessed MetaMask’s core code
ConsenSys inadvertently hired a North Korean operative as a developer consultant who accessed MetaMask's core code before being de...
Chainlink Labs’ Andrew McCormick calls CLARITY Act ‘the biggest imaginable unlock’ for institutional crypto
Chainlink Labs' Andrew McCormick calls the CLARITY Act the biggest unlock for institutional crypto adoption, citing outdated 1930s...