📰 【Security agency: Hackers use Obsidian to spread the PHANTOMPULSE trojan】

BlockBeats News, April 15 — A security research firm, Elastic Security Labs, disclosed a new type of social engineering attack targeting professionals in the financial and cryptocurrency industries. The attackers impersonated venture capital firms on LinkedIn and Telegram, luring targets into opening an Obsidian note repository containing a built-in malicious payload, which then deployed a Windows remote control trojan named PHANTOMPULSE that had never been recorded before. The attack does not require exploiting any software vulnerabilities, but instead abuses Obsidian’s Shell Commands plugin to automatically execute malicious code when the note repository is opened.

These hackers really are keeping up with the times—they’ve learned to set traps using Obsidian notes too. They specifically target colleagues in finance and crypto, posing as VCs on LinkedIn and pretending to be big shots on Telegram—the script is more exciting than a domestic drama. Now even opening a note-taking app requires some caution; this industry is truly hard to defend against, and people’s hearts are even more difficult to read than K-line charts. Brothers, there won’t be any free pies falling from the sky—when “VCs” and “opportunities” come knocking on their own, it never hurts to stay alert.

👇👇👇👇👇