Cyber security researchers have found that more than 500,000 of the credentials of Zoom Accounts Hacked, those who attended office telephone conferences using the Zoom video conferencing application were sold or distributed freed from charge on the Dark Web.
For those who don’t know, Zoom’s popularity has recently increased dramatically as more and more people are forced to work from home amid the corona virus pandemic (COVID-19).
The accounts discovered by the Cyber security Cyble intelligence company were sold on pirate forums for fewer than a penny for every account, while some were distributed freed from charge.
Cyble was able to purchase 530,000 Zoom credentials for $ 0.0020 for each account, including details such as email addresses, passwords, personal meeting URLs, and Zoom host keys (one six-digit pin associated with the owner’s account ) Several sales accounts belonged to institutions or companies, especially Citibank, Chase, etc., as well as universities and colleges such as the University of Vermont, Dartmouth, Lafayette, the University of Florida, the University of Colorado, and others. Bleeping Computer and Cyble verified the authenticity of accounts belonging to some of their customers and verified their validity.
Zoom accounts began to go on sale around April 1, and hackers are offering accounts to build a reputation among pirated communities, Cyble Bleeping Computer said. Also Read: Apple & Google are Planning to turn phones into Coronavirus Contact Tracking Devices According to the report, accounts for sale on the dark web are the result of “credential jamming attacks” rather than Zoom accounts hacked.
This means that hackers used password-email combinations obtained from accounts that were discovered during earlier hacking of knowledge to see them on Zoom accounts. Successful connections are then compiled into lists that are sold or offered freed from charge to other hackers in order that they will use them as jokes with zoom bombings (in which uninvited participants interrupt meetings with hateful content or pornographic content) and malicious activity. These accounts will be transmitted through text-sharing sites where published lists of email addresses and passwords are published.
If you think your email address is leaked, you can check it using the Am I Breached data breach notification service from Cyble’s and Have I Been Pwned then change your Zoom password, especially if this password is used elsewhere. In order not to divulge your account information, it is recommended to use unique passwords for each website, service, and application that you use.
Zoom received a negative reaction to damaged privacy and security measures. The company’s CEO, Eric Yuan, also acknowledged these concerns, saying: “[We] acknowledge that we have not met the expectations of the community – and ours – in terms of privacy and security. I’m sorry about that. ” Recently, Zoom announced a 90-day blocking of functions and allocated its resources to identify, solve and solve existing security problems in the service. During this era , no new features are going to be deployed until the present feature set has been fixed.