Campaign REF6598 uses fake shared Obsidian vaults and social engineering to deliver PHANTOMPULSE RAT to finance and crypto targets on Windows and macOS.
Key Takeaways
Attackers pose as VCs on LinkedIn/Telegram, lure targets into a shared Obsidian vault, then trick them into enabling community plugins to trigger execution.
Malicious versions of legitimate plugins (‘Shell Commands’, ‘Hider’) run PowerShell or AppleScript to drop PHANTOMPULL loader, which injects PHANTOMPULSE into memory.
PHANTOMPULSE resolves its C2 server by querying Ethereum blockchain transactions from a hard-coded wallet, making the infrastructure resistant to takedown.
RAT capabilities include keylogging, screenshots, file exfiltration, and arbitrary command execution; primary risk is crypto wallet keys and exchange credentials.
Detection pivot: alert on Obsidian.exe spawning powershell.exe, cmd.exe, or osascript, and monitor outbound connections to Ethereum nodes from unexpected processes.
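The parent/child process pivot above, as an added detection example that is not part of the original report. It runs the check over constructed process-creation events; the macOS parent image name "Obsidian" (the binary inside Obsidian.app) is an assumption, and the sample events are made up.

```python
# Added example: flag Obsidian spawning a shell or script interpreter.
# The sample events below are constructed, not real telemetry.
from dataclasses import dataclass
from typing import Iterable, List

# Parent images: Obsidian.exe on Windows; "Obsidian" is the assumed
# binary name inside Obsidian.app on macOS.
OBSIDIAN_PARENTS = {"obsidian.exe", "obsidian"}
# Child interpreters named on the page as the execution pivot.
SUSPICIOUS_CHILDREN = {"powershell.exe", "cmd.exe", "osascript"}


@dataclass(frozen=True)
class ProcEvent:
    host: str
    parent_image: str
    image: str
    command_line: str


def _basename(path: str) -> str:
    """Normalise a Windows or POSIX path to a lowercase file name."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def is_obsidian_interpreter_spawn(ev: ProcEvent) -> bool:
    """True when the parent is Obsidian and the child is a shell/script host."""
    return (_basename(ev.parent_image) in OBSIDIAN_PARENTS
            and _basename(ev.image) in SUSPICIOUS_CHILDREN)


def find_alerts(events: Iterable[ProcEvent]) -> List[ProcEvent]:
    """Return the events that match the Obsidian child-process pivot."""
    return [ev for ev in events if is_obsidian_interpreter_spawn(ev)]


# Constructed sample: two hits (Windows and macOS), two benign events.
SAMPLE_EVENTS = [
    ProcEvent("WS01", r"C:\Users\a\AppData\Local\Obsidian\Obsidian.exe",
              r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
              "powershell.exe -NoProfile -File plugin.ps1"),
    ProcEvent("WS01", r"C:\Users\a\AppData\Local\Obsidian\Obsidian.exe",
              r"C:\Users\a\AppData\Local\Obsidian\Obsidian.exe",
              "Obsidian.exe --type=renderer"),          # normal Electron child
    ProcEvent("WS02", r"C:\Windows\explorer.exe",
              r"C:\Windows\System32\cmd.exe", "cmd.exe /c dir"),  # not Obsidian
    ProcEvent("MAC02", "/Applications/Obsidian.app/Contents/MacOS/Obsidian",
              "/usr/bin/osascript", "osascript -e 'do shell script ...'"),
]
```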
Hacker News Comment Review
Commenters disagree on blame: one view is Obsidian’s existing warnings are sufficient and this is pure social engineering; the other is that the plugin system’s design makes shared vaults inherently unsafe regardless of warnings.
The practical takeaway from discussion is to never enable plugin sync from an untrusted vault; one commenter recommended demanding plaintext exports instead of accepting shared vaults at all.
Obsidian’s own documentation acknowledges it cannot restrict plugin permissions, so community plugins inherit full application-level access, which commenters cite as the structural issue.
Notable Comments
@zhivota: argues the design makes shared vaults unusable as a collaboration tool: “never accept a shared Obsidian vault, demand a plaintext export”.
@Groxx: surfaces Obsidian’s own docs stating plugins cannot be reliably restricted to specific permissions and inherit full access levels.