Click Here — "The Ego Exploit"
Podcast: Click Here (Recorded Future News)
Air Date: December 19, 2025
Host: Dina Temple-Raston
Guest: Dan Guido (CEO, Trail of Bits)
Main Theme:
An in-depth look at how hackers are increasingly leveraging social engineering—more than technical exploits—to compromise victims, especially those in the crypto world. Through the story of cybersecurity expert Dan Guido being targeted via a Zoom-based scam, the episode explores how human vulnerabilities, not technical ones, often remain the weakest link.
Episode Overview
This episode revisits a true hacking attempt aimed at Dan Guido, a seasoned cybersecurity expert and CEO of Trail of Bits. The attack didn't employ malware or zero-day exploits, but instead exploited trust, ego, and a little-known Zoom feature to try and take over his device. The story shines a light on how even the most tech-savvy are vulnerable when human psychology, urgency, and digital fatigue are manipulated by cybercriminals.
Key Discussion Points & Insights
1. The Anatomy of a Social Engineering Attack
- Setup:
- Dan receives a Twitter DM from someone claiming to be a Bloomberg Crypto reporter requesting an interview on Zoom—a plausible scenario for someone of Dan's profile.
- Despite some initial alarm bells (e.g., switching to Telegram, using Gmail for correspondence), Guido's curiosity led him to play along safely by using a spare Chromebook.
- The attackers never appeared for the call, prompting Dan to investigate further.
- [04:46] Dan: "The fact that a Bloomberg News person, like, wouldn't talk over text, wouldn't talk over Signal, wouldn't talk over email. ... And then the email confirmation from a Gmail address, like, I don't think so."
- Hacker's Methods:
- Elusive Comet, the hacker group, relies not on technical exploits but on social engineering combined with Zoom's built-in "remote support" feature.
- This feature allows remote control of the keyboard, mouse, and screen once the user consents, and that consent is easy to manipulate with urgent-sounding requests.
- [06:20] Dan: "There's actually this IT remote support feature that's built into Zoom that allows somebody else to take control of your screen, your keyboard, your mouse..."
- [06:38] Dan: "It was just sort of a shockingly easy trick to play that only requires social engineering. And it gets you code execution out the other end."
- Psychological Tactics Used:
- Time pressure: Making the target feel urgency to comply.
- Ego stroking: Flattering the target to lower their guard.
- [07:29] Dan: "They're saying, you're so important to talk to. We know all the great work that you've done and like, this is going to be great exposure for you. It's Bloomberg, you know, it's huge. And they just lean into it and lay it on pretty thick. Right away you feel really good about yourself, like, oh, somebody finally noticed me."
2. Why Go After Individuals, Especially in Crypto?
- Crypto Wallets as Fast Targets:
- It's easier and more lucrative for hackers to target individual crypto holders than to hack corporate systems or smart contracts.
- [10:27] Dan: "You don't have to navigate through a big company to find the secret formula to Coke buried 10 levels deep... Instead, you've just got a single person's computer that has a private key on it, and as soon as you read it, you can go grab $2 million."
- Evolution of Attack Tactics:
- Early hacks targeted smart contracts, which were "low-hanging fruit" in the early days because they were poorly coded; these contracts are now much more secure.
- Today's focus is back on social engineering of individuals, as humans are easier to trick than upgraded blockchain code.
- [12:24] Dan: "They're no longer cardboard pinatas, now they're made out of steel. ... So now it is harder to hack a smart contract on a blockchain than it is to just go after people's laptops and steal their private keys."
3. Protecting Yourself—Lessons from the Attack
- Operational Security Tips:
- Never store large crypto sums or sensitive keys on devices used for daily communication. Use a separate (even inexpensive) device for accessing large holdings.
- [13:33] Dan: "The number one piece of advice that I always give is just separate your crypto wallet from the device you use every day."
- Training is beneficial, but as long as there are new (or untrained) users, social engineering will continue to work.
- Persistence of Threat Actors:
- Even after such campaigns are exposed, some malicious Twitter accounts (like those targeting Dan) keep operating, accumulating more victims.
- [14:10] Dan: "The effectiveness of these techniques don't really go down. There are always people out there that haven't seen and internalized this information. ... I would bet that there have been additional victims from those same two Twitter accounts since Trail of Bits published our blog on it."
- Law Enforcement & Attribution:
- The FBI is investigating the Elusive Comet group, which is suspected to be operating from the West (possibly even within the U.S.).
- Blockchain’s privacy isn’t absolute—transactions can eventually be traced, making lasting anonymity for criminals unlikely.
- [15:07] Dan: "I think the privacy protections on blockchains are notoriously porous, that in a lot of cases where somebody really applies all the effort ... you can generally track it down."
Notable Quotes & Memorable Moments
- On Social Engineering Success:
- [07:53] Dan: "A lot of people I think are willing to take that step and just click these buttons because they don't know what they actually do once they click them."
- On Hacker Mindset and Ease of Attack:
- [10:58] Dina: "Imagine a vending machine. You put in your dollar, press B7, and you get your nacho cheese Doritos. No cashier, no small talk, no tip. That's a smart contract."
- On Law Enforcement Hopefulness:
- [15:44] Dan: "So a likelihood over the long term that these guys get caught is probably pretty high in my mind. So enjoy your stolen cryptocurrency while you can, because I don't assume that this is going to last forever."
- Parting Insight:
- [15:58] Dina: "Security threats aren't just about code. They're about human frailty, ego, urgency, a momentary lapse in skepticism. So install all the cybersecurity you want, but also keep your skepticism and that ego of yours in check."
Important Segment Timestamps
- [01:10] — Live hacker audio: setup of the fake interview scam.
- [04:46] — Red flags about message legitimacy.
- [06:20] — Exploitable Zoom feature explained.
- [07:23]–[07:46] — How time pressure and flattery are used in social engineering.
- [10:27] — Why individual crypto wallets are a prime target.
- [12:24] — Modern smart contracts vs. exploits.
- [13:33] — Security best practices for crypto holders.
- [15:07] — On blockchain privacy and likelihood of catching attackers.
- [15:58] — Episode conclusion on human vulnerabilities.
Takeaways
- Even high-profile cybersecurity professionals are targets—nobody is immune.
- Social engineering is often more dangerous and successful than technical exploits.
- A little-known Zoom feature can be weaponized to devastating effect.
- Human psychology (ego, urgency, confusion) remains a perennial vulnerability.
- Best defense for crypto holders: isolate critical assets/devices and be relentlessly skeptical.
- The digital chain of evidence and persistent nature of blockchains mean most criminals eventually leave a trail.
Summary Prepared For:
Anyone interested in cybersecurity, social engineering, personal digital security (especially in crypto), or how everyday technology tools can be covertly weaponized.
