I have been waiting for this to happen. Any service that normalizes clicking a link in an email and encouraging the user to immediately run an autodownloaded executable is a giant security issue.
> [I]nvestigators have pinpointed a fake Zoom invite opened by one of the fund's cofounders...<p>By doing so, the hacker was able to install a malicious software program that gave them access to the fund's email system which they used to send off fake invoices [to the fund’s trustees and administrator for the amount of approximately AUD 8 700 000, of which AUD 88 000 was paid.]<p>Edit: Note that there was a lapse of diligence on the payer’s side as well.
> Following that, a Pakistani national Muhammad Bhatti made 64 (!) withdrawals from one bank where the money was transferred, as well as a small shopping spree, before leaving Australia.<p>It should be easy to track the criminal.
About three discussions on the front page right now are about Apple controlling the Mac platform, but this is one of the upsides. Companies that use only Macs with gatekeeper on have automatic protection against a whole class of cyber security problems.