@yerbearserker
So was the first Zoom session secure but then they had the person download/etc a compromised Zoom Business? Did they deploy something through a compromised/normal Zoom Business that he they allowed when he clicked to 'repair' the issue?
A case of using legitimate service provider to then deliver the malicious code, after social engineering the acceptance of the package?
What are the safest video conferencing methods/tools?
I almost got caught with the client interview for legitimate looking company that wanted me to download and install/meet via their "Canadian meeting tool with AI transcribing etc" that ofc all looked legit.
I said I don't do that for security reasons, but would fire up a google meet and send that for us to jump into for a quick connect.
Was crazy the amount of time they worked on me to 'for the job'
1 reply
0 recast
1 reaction