Click Here

The ego exploit

Dec 19, 2025
In this riveting discussion, Dan Guido, a cybersecurity expert and CEO of Trail of Bits, reveals the vulnerabilities lurking within Zoom's seemingly benign features. He dives into how social engineering can exploit these weaknesses, illustrating the dangers of charm and urgency in phishing scams. Dan emphasizes that in the crypto world, the most exposed targets are often people, not technology, urging listeners to strengthen their operational security. With insights into the shift from hacking smart contracts to human targets, this conversation is both cautionary and enlightening.
ANECDOTE

Targeted By A Fake Bloomberg Interview

  • Dan Guido described receiving a fake Bloomberg Crypto interview request that pushed him to take a Zoom call on a spare Chromebook.
  • The call never showed, and he discovered it was part of Elusive Comet's campaign to exploit Zoom features for access.
INSIGHT

Legit Remote Support Can Be Weaponized

  • Zoom's built-in remote support feature can give another user full control of your screen, keyboard, and mouse.
  • That functionality, intended for IT help, becomes a powerful attack vector when paired with social engineering.
INSIGHT

Ego And Urgency Drive Consent

  • Attackers combine time pressure and flattery to push victims into enabling dangerous permissions.
  • Ego stroking and urgency lower skepticism and make users more likely to click through security prompts.