Crypto King Jake Gallen Hacked for $200K: Zoom Remote Control Led to NFT & Seed Phrase Theft
Do Son 
Jake Gallen was more than just a familiar face in the NFT scene—he had become a symbol of transparency in a world where most hide behind pseudonyms and avatars. His name was well-known across the crypto space; he hosted livestreams and podcasts, openly sharing the contents of his digital wallet. Everything was going smoothly—until a single Zoom call brought it all crashing down.
In April 2025, Gallen agreed to an interview with a YouTube channel called Tactical Investing. The channel seemed reputable—thousands of subscribers, archived episodes, recognizable guests. The host didn’t turn on his camera, which was odd but not alarming. The questions were intelligent and well-informed, and Gallen saw no reason for concern.
During the discussion, when the topic turned to Emblem Vault, a standard Zoom notification appeared—an innocuous-looking window requesting screen sharing. A common occurrence. Deep in conversation, Gallen clicked “Allow,” thinking he was merely demonstrating his service’s interface. But behind that window lay something far more insidious.
As experts would later determine, the Zoom request was not for simple screen sharing—it was a prompt for remote control, a feature automatically available to the meeting host. Visually, the request bore only minor differences from the usual prompt. Distracted by the dialogue, Gallen unwittingly handed complete control of his machine to the attacker.
The hackers—posing as the show’s host—moved with ruthless precision. Within seconds, they accessed open browser tabs, active applications, text files, and most critically, his crypto wallet and locally stored seed phrases. No phishing, no malware—just cunning and a deep understanding of the Zoom interface.
By the following morning, Gallen’s NFT assets began to disappear, sold off at drastically reduced prices. His accounts were compromised. In desperation, he turned to white-hat hackers, who swiftly traced the breach back to a group known as ELUSIVE COMET—not Korean, as initially suspected, but Western impersonators mimicking familiar techniques.
It all hinged on a single Zoom setting: by default, a host can request remote access to a participant’s device. And if the participant fails to notice the subtlety—that’s it. One click, and everything is gone.
Gallen later discovered that the Tactical Investing channel itself had also been hijacked. The real owner—an officer in the U.S. Air Force—sent a video, badge in hand, to prove his identity.
The total loss? Around $200,000. Now, Gallen shares his story not for clout, but as a warning: in a crypto world built on trust in code, a person can still be undone by nothing more than a deceptive Zoom window.
Donate