Security agency: Hackers are using Obsidian to spread the PHANTOMPULSE Trojan
The security research organization Elastic Security Labs has disclosed a new social engineering attack targeting personnel in the finance and cryptocurrency industries. The attackers impersonate venture capital firms on LinkedIn and Telegram, tricking targets into opening an Obsidian note repository that contains a built-in malicious payload, thereby deploying a previously unrecorded Windows remote access Trojan called PHANTOMPULSE.
This attack does not exploit any software vulnerabilities but instead abuses the Shell Commands plugin of Obsidian to automatically execute malicious code when the note repository is opened. On the macOS side, it uses an obfuscated AppleScript launcher in conjunction with a Telegram channel as a backup command and control server, while on the Windows side, it leverages Ethereum transaction data to achieve blockchain-based C2 address resolution.
You may also like
A valuation of 8 billion dollars, doubling in 8 months! What makes the crypto-friendly bank Erebor Bank stand out?
340 billion valuation: Li Yanhong's largest IPO, a seat in Kunlunxin's shares is hard to come by
Stablecoins are the "royalists" of the crypto world: Open USD brings the old currency system into play
Semiconductor stocks plummet, yet Anthropic wants to create a 2nm chip
Where is Zhao Changpeng's billion-dollar investment going? YZi Labs' investment landscape fully revealed
Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions
A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI
When American giants collectively "defect" from Chinese AI models
BIS Report Compliance Observation: The Real Risks of Stablecoins, Not Just "Depegging"
Portugal 2-1 Croatia: Ronaldo's 20-Year Knockout-Stage Drought Ends With a Debt Finally Collected
Portugal beat Croatia 2-1 in the 2026 global football championship's knockout rounds as Ronaldo scored his first-ever knockout-stage goal, Gonçalo Ramos struck a stoppage-time winner, and VAR ruled out a late equalizer for offside.
