Crypto users targeted in ‘elaborate’ scam using popular notes app
Elastic Security Labs says a multi-step social engineering scam is aimed at those in crypto and finance, using a community plugin feature on a note-taking app to spread malicious device-controlling software.
Crypto users have been warned of a new social engineering scam that tricks victims into using community plugins on the note-taking app Obsidian to unknowingly run malware that can take control of their devices.
Elastic Security Labs said in a report on Tuesday that it found a novel campaign targeting those in crypto and finance using “elaborate social engineering on LinkedIn and Telegram” to trick victims into allowing malicious, yet seemingly safe, software to run on their devices.
Attackers abuse the community plugin ecosystem on Obsidian to “silently execute code when a victim opens a shared cloud vault,” with attacks working on both Windows and macOS devices.
Source: Cointelegraph →Related News
- 2 hours ago
Quantum attacks could worsen without proof of ownership: Near One
- 2 hours ago
Samourai Wallet co-founder appeals for donations to pay $2M legal fees
- 2 hours ago
Trump-linked American Bitcoin reports $82M Q1 loss, revenue miss
- 3 hours ago
UAE-regulated stablecoins to develop AED-USD conversion rails for institutional...
- 4 hours ago
Aave liquidates Kelp DAO hacker's rsETH positions on Ethereum, Arbitrum