ELUSIVE COMET
Intelligence Profile
ELUSIVE COMET is a threat actor responsible for significant cryptocurrency theft through sophisticated social engineering attacks, particularly leveraging Zoom's remote control feature. Their attack methodology involves manipulating legitimate workflows and exploiting human-centric vulnerabilities rather than technical flaws. The actor employs tactics such as social proof, time pressure, and interface manipulation to deceive targets. Organizations can mitigate risks by implementing technical controls to disable the remote control feature and deploying email boundary protections like DMARC, SPF, and DKIM.
Threat Analysis
ELUSIVE COMET is a threat actor attributed to North Korea and engaged in cyber operations. This profile records its primary motivation and activity patterns as unknown.
Known Campaigns
ELUSIVE COMET is a threat actor of unknown motivation attributed to North Korea.