500 5ky1r 000 Hacked Zoom s Being Sold on Dark Web: Report

Zoom s were reportedly being sold for $0.0020 (roughly Rs. 0.15) per and in some cases, given away for free. 6i2k3m

By Vineet Washington | Updated: 14 April 2020 18:08 IST

500,000 Hacked Zoom s Being Sold on Dark Web: Report

Photo Credit: BleepingComputer 6g4w5

Hacked Zoom s included college students from several universities

Highlights

Over 500,000 Zoom s are reportedly being sold on the dark web
The s include email address, s, personal meeting URLs, etc
The Zoom s were gathered using credential stuffing attacks

ment

Zoom video conferencing app has seen an unprecedented level of growth in the past month or so. This is mainly because of the coronavirus pandemic that has forced people to stay indoors and work from home, leaving voice and video calls the only way of communication. Because of this sudden growth, several privacy and security concerns surrounding Zoom have come to the fore. Now, a fresh report claims that over 500,000 Zoom s have been hacked and are being sold on the dark web.

A Zoom s for less than a penny each and in some cases, they are being given away for free. The report adds that this information about free Zoom s being posted on hacker forums was first pointed out by Cybersecurity intelligence firm Cyble around April 1. The firm then reached out to the sellers of these s and bought 530,000 Zoom credentials at $0.0020 (roughly Rs. 0.15) per , in an attempt to warn their customers of the breach.

The report also adds that these s were hacked through credential stuffing attacks that use previously leaked s to to Zoom. The credentials that are successfully logged in are then compiled and sold to other hackers. These types of attacks are not unique to Zoom, the report states.

These Zoom credentials include email address, s, personal meeting URLs, and HostKeys, according to the report. It was also found that 290 s were related to universities and colleges like University of Vermont, Dartmouth, Lafayette, University of Florida, University of Colorado, and others. Some s belonged to well-known companies such as Citibank, Chase, and more. Both Bleeping Computer and Cyble claim they have verified some of these s and that the credentials used were valid.

It is highly advisable that s change their Zoom s, especially if the same is used elsewhere. They should try to use unique s for each site. s can also check if their email address has been leaked by going to Cyble's AmIBreached service or Have I Been Pwned service.

This comes after Zoom faced several allegations for its held a livestream acknowledging the issues and stating that the company is working on fixing them.

Mi TV 4X vs Vu Cinema TV: Which is the best budget TV in India right now? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, the episode, or just hit the play button below.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.