Svmuu News: According to a disclosure by Elastic Security Labs, threat actors impersonated a venture capital firm and used LinkedIn and Telegram to lure targets into opening an Obsidian note vault containing malicious code. The attack abused Obsidian's Shell Commands plugin to execute a malicious payload when the victim opened the vault, without exploiting any vulnerability.
PHANTOMPULSE, discovered in the attack, is a previously undocumented Windows remote access trojan (RAT) that uses Ethereum transaction data for blockchain-based command-and-control (C2) communication. The macOS payload employs an obfuscated AppleScript dropper and uses a Telegram channel as a fallback C2. Elastic Defend detected and blocked the attack before PHANTOMPULSE could execute.
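Because the vault itself delivers the plugin and its settings, a received vault can be inspected on disk before it is ever opened in Obsidian. The following is an added example, not code from Elastic Security Labs or Obsidian: it lists the community plugins a vault ships with and flags the Shell Commands plugin. It assumes the plugin's folder id is `obsidian-shellcommands`; the sample vault and the id `sample-notes-helper` are constructed for the demonstration.

```python
import json
import tempfile
from pathlib import Path

# Assumption: folder id of the Shell Commands community plugin; confirm locally.
SHELL_PLUGIN_IDS = {"obsidian-shellcommands"}

def audit_vault(vault):
    """List plugins a vault ships with, without opening it in Obsidian."""
    cfg = Path(vault) / ".obsidian"
    findings, enabled = [], set()
    listing = cfg / "community-plugins.json"  # JSON array of enabled plugin ids
    if listing.is_file():
        try:
            data = json.loads(listing.read_text(encoding="utf-8"))
            enabled = {str(x) for x in data} if isinstance(data, list) else set()
        except (ValueError, OSError):
            findings.append(("review", "community-plugins.json", "unreadable"))
    plugins = cfg / "plugins"
    shipped = sorted(p.name for p in plugins.iterdir() if p.is_dir()) if plugins.is_dir() else []
    for pid in shipped:
        sev = "high" if pid in SHELL_PLUGIN_IDS else "review"
        state = "enabled" if pid in enabled else "present"
        findings.append((sev, pid, f"plugin shipped with vault ({state})"))
        if (plugins / pid / "data.json").is_file():
            findings.append((sev, pid, "ships preconfigured data.json"))
    for pid in sorted(enabled - set(shipped)):
        findings.append(("review", pid, "enabled but plugin folder missing"))
    return findings

def build_sample_vault(root):
    """Constructed sample vault; contents are placeholders, plugin ids are illustrative."""
    cfg = Path(root) / "vault" / ".obsidian"
    for pid in ("obsidian-shellcommands", "sample-notes-helper"):
        (cfg / "plugins" / pid).mkdir(parents=True)
    (cfg / "plugins" / "obsidian-shellcommands" / "data.json").write_text('{"constructed": true}')
    (cfg / "community-plugins.json").write_text('["obsidian-shellcommands"]')
    return cfg.parent

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for severity, plugin, note in audit_vault(build_sample_vault(tmp)):
            print(f"{severity:6} {plugin:26} {note}")
```

Any finding on a vault received from an outside contact is a reason to review or delete the `.obsidian/plugins` folder before opening the vault.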
Hackers Exploit Obsidian Plugin to Launch PHANTOMPULSE Trojan