Over half a million accounts for the video conferencing service Zoom are available for sale on hacker forums and the so-called dark web. It is another example of the problem of reused passwords.
Cyber security company Cyble has discovered that over half a million accounts belonging to users of the hugely popular video conferencing service Zoom are for sale in the internet’s various backyards, Bleeping Computer reports.
Of course, this is not unique to Zoom, but the service’s explosive growth in users has focused attention on its various IT security shortcomings. The accounts now circulating on hacker forums do not come from a leak at Zoom. Instead, the lists of account details were generated through so-called “credential stuffing”, which means testing already leaked usernames and passwords to see whether they also work on another service, in this case Zoom.
This is a classic example of the problem that many users use the same password, or only a few passwords, for many different services. Analysts at Cyble have spot-checked the lists, which were compiled from already leaked user data.
The lists are sold for fairly low amounts, as little as a few pennies per account, or are even given away for free. The purpose is so-called Zoom bombing, i.e. “breaking into” an ongoing meeting, or other types of attack. In addition to usernames and passwords, the lists also include meeting links and host keys.
The solution for users and organizations is to use unique passwords or, even better, two-factor authentication, which Zoom also supports.