{"id":301600,"date":"2025-04-25T00:04:27","date_gmt":"2025-04-25T07:04:27","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/en\/?p=301600"},"modified":"2025-07-01T14:48:31","modified_gmt":"2025-07-01T21:48:31","slug":"they-are-using-zoom-to-distribute-malware-heres-how-to-stay-safe","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/they-are-using-zoom-to-distribute-malware-heres-how-to-stay-safe\/","title":{"rendered":"They are using Zoom to distribute malware: Here&#8217;s how to stay safe"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">A new cybercrime group known as&nbsp;<strong>Elusive Comet<\/strong>&nbsp;is using&nbsp;<em>Zoom meetings as a gateway to install malware and steal digital assets<\/em>. By impersonating legitimate media outlets, they gain victims&#8217; trust, then exploit Zoom&#8217;s remote control features to hijack their devices. The Security Alliance has issued an alert urging high-profile users to remain vigilant.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How the scam works<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The attackers first contact their targets \u2014 often CEOs or crypto asset holders \u2014&nbsp;<strong>by posing as media professionals or podcast hosts<\/strong>. They create convincing backstories with&nbsp;<em>polished websites, social media activity, and even YouTube channels<\/em>&nbsp;to appear legitimate. Once a video call is arranged, they&nbsp;<strong>keep their camera off and send a remote control request<\/strong>, with the name changed to \u201cZoom\u201d to mimic the app itself.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>If the user accepts the request<\/strong>, the attacker immediately gains full control of the system. Victims have already reported&nbsp;<strong>loss of Bitcoin and Ethereum funds<\/strong>, and unauthorized access to email and social media accounts.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to protect yourself<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">To avoid falling into this trap, users should&nbsp;<strong>never accept remote control requests during video calls<\/strong>, especially from unknown contacts. Disabling Zoom\u2019s remote control feature in settings is a crucial first step.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Additionally, using the browser version of Zoom instead of the app offers&nbsp;<strong>an added layer of security<\/strong>, as it does not support remote control. The Security Alliance also advises&nbsp;<strong>verifying the legitimacy of any unsolicited media offer<\/strong>&nbsp;and double-checking all social media profiles before engaging.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Keeping&nbsp;<strong>your antivirus software, VPN, and password manager up to date<\/strong>&nbsp;can also help mitigate potential threats. In a digital landscape full of deception,&nbsp;<strong>extra vigilance could make all the difference<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new cybercrime group known as&nbsp;Elusive Comet&nbsp;is using&nbsp;Zoom meetings as a gateway to install malware and steal digital assets. By impersonating legitimate media outlets, they gain victims&#8217; trust, then exploit Zoom&#8217;s remote control features to hijack their devices. The Security Alliance has issued an alert urging high-profile users to remain vigilant. How the scam works &hellip; <a href=\"https:\/\/cms-articles.softonic.io\/en\/they-are-using-zoom-to-distribute-malware-heres-how-to-stay-safe\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;They are using Zoom to distribute malware: Here&#8217;s how to stay safe&#8221;<\/span><\/a><\/p>\n","protected":false},"author":9317,"featured_media":301601,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-301600","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/301600","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9317"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=301600"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/301600\/revisions"}],"predecessor-version":[{"id":307574,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/301600\/revisions\/307574"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/301601"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=301600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=301600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=301600"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=301600"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=301600"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=301600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}