The $200,000 Zoom call
Jake Gallen used to think the best stories in Las Vegas happened behind velvet ropes. Between 2010 and 2020, he lived the Strip’s hustle — poolside service as a model cabana host at Planet Hollywood, then navigating the bottle-fueled chaos as a beverage runner at Omnia Nightclub.
Initially, he saw those jobs as a possible forever thing — a grown-up extension of his Greek life at University of Nevada, Las Vegas, just with better lighting and bigger tips. But bottle service, it turns out, has a shelf life.
“After a year or two you're like, man, this kind of sucks,” Gallen said. He was missing birthdays. Missing weekends. Making endless small talk with tourists in flip-flops.
Then, in 2016, he stumbled across a post on Reddit’s r/WallStreetBets about this Bitcoin cryptocurrency alternative called Ethereum. And the deeper he got into it, the more he thought this wasn’t just a speculative asset — it was a movement.
“It kind of strips power away from a lot of the central authorities,” he said. “For me I was very certain that this was going to be the industry that changes the world.”
What followed looked like a crypto success story in fast-forward: Gallen became a blockchain evangelist, then a collector of early non-fungible tokens (NFTs), and eventually the CEO of a company called Emblem Vault.
He built a brand based on authenticity and access. He doxxed himself in a culture that is more inclined toward aliases. He told the world what he owned and what it was worth. And for a while, that worked — until a single Zoom call back in April changed everything.
The hack heard around the blockchain
Gallen was one of the first big names in the “historical NFT” space, a niche corner of crypto obsessed with the earliest blockchain collectibles — think pixelated cats and forgotten token experiments from the early 2010s. Gallen gushed about them on podcasts and conference panels. He began livestreaming and started a podcast, and what the projects all shared was the authenticity and clarity of a man who’d found a calling.
Unlike most of the crypto blogosphere, Gallen didn’t hide behind a Bored Ape avatar. He used his real name. Posted his real face. Shared his holdings and gave advice. “Since I started in 2017, being a doxxed person was unheard of,” he said. “Obviously it makes you a target, but it also makes you a little bit more respectable.”
That transparency, he believed, gave him an edge that others didn’t have.
From antique cats to crypto clout
Before NFTs were a thing, Gallen already had an eye for collectibles. He once ran an antique store with his father in Las Vegas, trading in vintage goods and retro memorabilia. So when blockchain-based art entered the scene, he immediately understood the draw.
“We were very knowledgeable in this world of antiquities and collectibles,” he said.
He gravitated toward “historical NFTs” — blockchain assets that were old, overlooked, and limited in number. One of his most prized pieces was a MoonCat, a pixelated feline from one of the earliest NFT projects. “I was one of the largest MoonCat collectors at the time,” he said.
The MoonCats, the livestreaming and the podcast all helped vault him into a kind of crypto stardom. He was invited to participate in Sotheby’s second-ever NFT auction. People sought him out. He started to rub elbows online with celebrities like Steve Aoki and Paris Hilton. And interview requests flooded in — sometimes five or eight a week.
Which brings us to April 2025.
Zoom and enhance (your risk)
That’s when he got an interview request from a YouTube show called Tactical Investing. And when Gallen did his due diligence, the channel looked legit: lots of subscribers, years of content and a back catalog that included people Gallen actually knew.
“The YouTube channel had close to 100,000 subscribers, had like six years of posting history,” he said. “It had interviews with people that I'm familiar with in the industry… It was posting videos every few days or so.”
So Gallen agreed to the interview.
When he hopped onto a Zoom for the chat about a week later, the host logged in with his camera off — which Gallen thought was a bit odd for a YouTuber — but then the questions came: they were sharp and nuanced and focused, and whatever momentary reservations Gallen had disappeared. Then the host asked Gallen to talk about his company, Emblem Vault, and its newest tool, a blockchain tracking interface called Agent Hustle.
Can you give us a demo? The host asked.
Gallen didn’t need to be asked twice. A pop-up appeared, requesting permission to access his screen. Gallen didn’t give it a second thought — he just clicked ‘yes’ and began walking the host through the tool. It was a moment that happened so fast that Gallen barely remembers it.
”I actually don't remember clicking any buttons, to be completely honest. Later on when I talked to Zoom, they confirmed that remote access was given, but I don't remember that at all. It could just be because I was in conversation,” he said.
He clicked just that once.
Sleight of hand, courtesy of Zoom
Gallen thought the interview had gone really well. But then the next morning, he got an alert. One of his MoonCats — purchased for $100,000 — had just sold for the bargain basement price of $1,000. That was weird.
“And then I see another sale happen. I get another notification that another sale’s happened, very low ball,” he said.
More of his digital assets kept vanishing, then his social media accounts were hijacked. “I know there's a hack that's happening,” he said. “I don't know how or what or why.” But he was pretty sure it had something to do with that YouTube interview.
That’s when he called SEAL — the Open Security Alliance, a white-hat hacking group that handles everything from phishing scams to North Korean crypto heists. “We do everything from people who got phished for a thousand dollars to kidnappings,” said SEAL’s Nick Bax.
At first blush, the hack had all the hallmarks of a North Korean job. The regime has used Zoom scams before: fake job interviews, broken audio, dodgy links. But something didn’t add up. Gallen hadn’t clicked anything suspicious. No malware. No sketchy PDF.
Then SEAL spotted it.
Not Pyongyang. More like Pasadena.
“[The hackers] had a Zoom account where the name on the account was Zoom,” Bax said. “And then they requested remote control.”
That request triggered a pop-up notification — one that looked just like a standard screen-sharing confirmation. “People just think it's requesting permission to share my screen,” Bax explained. “But it's actually requesting permission to remotely control your desktop.”
In other words, when Gallen was doing that demo he had unknowingly handed over full control of his computer: files, wallets, seed phrases — everything to the people on the other end of the call.
“When you do get hacked, it's like a magic trick,” Bax said. “Like an illusion.”
SEAL eventually traced the attack to a group they call ELUSIVE COMET — not North Korean, but Westerners mimicking their tactics. Possibly to mislead investigators. Possibly just to flex. Either way, the damage was done.
Hack by default
What stung most, Gallen said, was how low-tech the hack actually was. No forced entry or phishing site. Just a single, easily overlooked setting in Zoom, allowing the hackers to put a simple piece of malware on his device.
“Basically the whole scam is that if you're a host of a Zoom interview, you can request remote access to the guest,” Gallen said. “If you turn that default feature off, this whole thing goes away. It’s literally that simple.”
Zoom told the Click Here podcast that it takes security seriously, and that users must give “explicit consent” before allowing remote control. But experts say that’s a design cop-out. “They could easily fix this by just making remote access default off,” Gallen said. “But they don’t seem to be interested in wanting to make that change.”
Days later, Jake got a message. It was from the actual host of Tactical Investing — a guy named Alex Bannister. He’s in the Air Force and he said his YouTube account had been hijacked days before. He even sent Jake a video of himself in uniform, holding up his name badge to prove who he was. The hackers had fooled them both.
Gallen said he lost between $150,000 and $200,000 — and he’s gone public about it all because that’s kind of his brand: he’s an open book. And now he’s a cautionary tale, and he’s telling everyone who’ll listen what happened to him.
“Do I wanna be the face of this? No,” he said. “But do I want people to be aware of what’s going on? Yeah. Absolutely.”
Because for all the talk of blockchains, wallets and digital sovereignty, it turns out the weakest link wasn’t in the code. It was in a single, casual click.
Dina Temple-Raston
is the Host and Managing Editor of the Click Here podcast as well as a senior correspondent at Recorded Future News. She previously served on NPR’s Investigations team focusing on breaking news stories and national security, technology, and social justice and hosted and created the award-winning Audible Podcast “What Were You Thinking.”
Zach Hirsch
is a senior producer at the Click Here podcast. Previously he worked for North Country Public Radio and freelanced as a reporter, editor, sound designer, and was the co-host of the investigative podcast, "If All Else Fails. His work has been featured on NPR, iHeartMedia, and PRX.