Written byShubham Sharma
Zoom, the video conferencing service that shot to fame in the wake of the COVID-19 crisis and then became a center of multiple controversies, has been hit by another pressing issue.
A group of cybersecurity experts has discovered that more than 5 lakh accounts active on the service have been compromised and are being sold on the dark web.
Here's all about it.
According to cyber risk assessment experts at Cyble, around 530,000 Zoom accounts have been on sale on underground hacker forums since April 1.
The compiled list was shared through text-sharing sites, where the threat actors kept posting Zoom account emails, the passwords associated with them as well as personal meeting URLs and Zoom host keys needed for joining calls.
In the stolen batch of credentials, some accounts were being offered at dirt cheap prices, which is less than a penny per account, while others were given away for free.
Notably, the free batch of accounts included credentials of Cyble's clients as well as those of students and teachers at the University of Vermont, University of Colorado, Dartmouth, Lafayette, and the University of Florida.
The teams at Cyble and Bleeping Computer contacted the emails being sold and confirmed that the credentials were valid.
However, in at least one case, a Zoom user confirmed that their details were old, which indicates that the account IDs-passwords have been gathered using credential stuffing - the attack in which hackers use previously-leaked credentials to see if they work on a particular service.
Now, if these credentials are really from old breaches, the email and password combinations in question might just work on Zoom - and not on other services.
But, even if this is just for Zoom, the free access could easily be exploited by malicious actors for Zoom bombing or other ill-intended activities involving the unauthorized use of someone else's account.
In order to keep your Zoom and other accounts protected, use a unique password for each service. Also, check sites like Have I been pwned to make sure that the password that has already been breached isn't used anywhere else.
Love Science news?
Subscribe to stay updated.