Many Zoom accounts have been sold on the dark web or on hacker forums for less than a cent, and in some cases they have even been given away.
According to a new BleepingComputer report , hundreds of thousands of Zoom accounts have been sold or given away on the dark web and hacker forums.
Zoom has become very popular in the past few weeks as the number of people working from home has increased, but it has been the focus of much privacy controversy . However, the availability of Zoom accounts on the dark web doesn’t seem to be a direct consequence of the app’s problems.
The report says the sale of the login data is the result of ” credential filler attacks “, with which hackers attempt to access Zoom using accounts leaked in previous data breaches.
The credentials of the accounts are then collected in lists and sold or offered free of charge to other hackers .
Accounts are reportedly shared via text-sharing sites such as email address lists and password combinations. Accounts can include email address, password, video call URL and their HostKey.
Cybersecurity company Cyble, which was able to purchase 530,000 Zoom accounts for less than a penny each, said the accounts started appearing in the hacker community in early April.
The finding underscores the importance of using unique passwords for each website where an account is registered. Interested users are advised to check whether their email address has been hacked using the Have I Been Pwned website or Cyble ‘s AmIBreached data breach notification service and, if used elsewhere, change the Zoom password.
check out more posts from IDC
Recent Comments