• 中文版
  • BM
  • News
  • Deals
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Tech
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • U Mobile
    • Unifi
    • Yes
  • Video
  • Cars
  • Contribute
Menu
  • 中文版
  • BM
  • News
  • Deals
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Tech
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • U Mobile
    • Unifi
    • Yes
  • Video
  • Cars
  • Contribute
Search
  • 中文版
  • BM
  • News
  • Deals
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Tech
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • U Mobile
    • Unifi
    • Yes
  • Video
  • Cars
  • Contribute
Menu
  • 中文版
  • BM
  • News
  • Deals
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Tech
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • U Mobile
    • Unifi
    • Yes
  • Video
  • Cars
  • Contribute
Search
Close
Home News

Report: More than 500,000 Zoom accounts stolen, sold on the dark web

  • BY Nic Ker
  • 15 April 2020
  • 12:22 pm
  • Comment
Share on FacebookShare on Twitter

Video conferencing app, Zoom has seen a surge in popularity in recent times, with many countries that are severely impacted by the COVID-19 pandemic imposing various forms of lockdown measures. This means that now, more than ever, professionals are relying on various remote working tools. However, Zoom has had its fair share of issues, mostly related to privacy and security.

A new problem has surfaced for Zoom, a report claims. According to BleepingComputer, over 500,000 Zoom accounts have been stolen, and sold on the dark web—some are sold for nominal sums, while other are even being given away for free.

These compromised accounts are then used by hackers in “zoom-bombing” attacks, where trolls enter zoom meeting rooms to broadcast unwanted, inappropriate content to participants.

How did this happen?

The stolen Zoom accounts were discovered by cybersecurity experts over at Cyble, with accounts first seen on hacker forums on the 1st of April, 2020. According to the report, certain stolen Zoom accounts are even being offered for free as perpetrators look to improve their reputation within the hacker community.

SOURCE: Malay Mail

It must be noted that the issue doesn’t appear to be a fault on Zoom’s part. The accounts were stolen with credential stuffing attacks, where malicious parties login to Zoom accounts by using compromised account details from data breaches in the past.

In fact, the experts managed to purchase around 530,000 accounts in bulk for US$0.0020 (¬RM0.0086) per account, before alerting these users that their accounts had been compromised. The danger here, of course, is the private information stored within Zoom accounts. Email addresses, personal meeting URLs, and Zoom HostKey’s are all vulnerable.

SOURCE: BleepingComputer

Worringly, Cyble says that some of the stolen accounts belong to those from major corporations, including Citibank, as well as major Universities around the world. Zoom has issued a response:

“It is common for web services that serve consumers to be targeted by this type of activity, which typically involves bad actors testing large numbers of already compromised credentials from other platforms to see if users have reused them elsewhere. This kind of attack generally does not affect our large enterprise customers that use their own single sign-on systems. We have already hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials.”

In short, you should change your password on Zoom if you’ve used the same password for accounts on other platforms/services. Credential stuffing attacks could happen on any site, so as a precaution, use unique passwords for each registration.

[ SOURCE ]

Tags: Mobilezoom
Nic Ker

Nic Ker

POPULAR

Netflix Extra Member: Here’s how Netflix knows you’re not staying in the same household

May 24, 2023

Report: More than 500,000 Zoom accounts stolen, sold on the dark web

April 15, 2020

Yes 5G introduces the cheapest 5G postpaid plan yet in Malaysia with 100GB data for all usage

May 25, 2023
Hertz Malaysia - BYD Atto 3

You can now rent BYD Atto 3 through Hertz Malaysia for just RM150 per day

May 25, 2023

Netflix cracks down password-sharing in Malaysia: extra user slot costs RM13 per month

May 24, 2023

Malaysia’s best UNLIMITED prepaid plans – May 2023 Edition

May 29, 2023

Copyright © 2023 · SoyaCincau.com
Mind Blow Sdn Bhd (1076827-P)

  • ADVERTISE
  • DISCLAIMER

Copyright © 2023 · SoyaCincau.com – Mind Blow Sdn Bhd (1076827-P)

  • ADVERTISE
  • DISCLAIMER