律动BlockBeats
律动BlockBeats|4月 15, 2026 06:44
[Security Agency: Hackers Using Obsidian to Spread PHANTOMPAmericaE Trojan] BlockBeats News, April 15 – Security research organization Elastic Security Labs has disclosed a new social engineering attack targeting individuals in the financial and cryptocurrency industries. Attackers are posing as venture capital firms on LinkedIn and Telegram, luring targets into opening Obsidian note vaults embedded with malicious payloads, thereby deploying a previously undocumented Windows remote access trojan, PHANTOMPAmericaE. This attack does not exploit any software vulnerabilities but instead abuses Obsidian's Shell Commands plugin to automatically execute malicious code when the note vault is opened. On macOS, the attack uses obfuscated AppleScript droppers in conjunction with Telegram channels as backup command-and-control servers. On Windows, it leverages Ethereum transaction data to implement blockchain-based C2 address resolution.
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads