Zoom has seen a significant rise in popularity as a majority of the world’s workforce are working from home. While Zoom’s benefits, like a range of video and web conferencing feature are clear for all to see, it appears as though the application is not as secure as most would like it to be.
Cyber risk intelligence company Cybel reached out to the seller of the Zoom accounts and managed to purchase 530,000 Zoom credentials at around 50c ($0.0020) each. “These accounts are shared via text sharing sites where the threat actors are posting lists of email addresses and password combinations,” as reported by Bleeping Computer.
Over 500,000 Zoom accounts sold on hacker forums, the dark web | BleepingComputer https://t.co/HQFU1AcI9U
— CyberSecInt (@CyberSecInt) April 15, 2020
The Zoom credentials being sold reportedly include vital information like email addresses, meeting URLs, passwords, and of course HostKeys, a six-digit pin tied to the owner’s Zoom account, which is used to claim host controls for a particular meeting.
Zoom responded to this breach in a statement to Mashable on 14 April – “This kind of attack generally does not affect our large enterprise customers that use their own single sign-on systems. We have already hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials. We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts.”