Thousands of Zoom accounts are being put up for sale online, new research has revealed.
An investigation by security firm Cyble found that more than 500,000 Zoom accounts are up for sale on the dark web and notorious hacker forums, raising more questions over the safety of the popular video conferencing app
Cyble found that Zoom accounts are often sold for less than a penny each, with some even given away for free to hackers looking to test out so-called 'Zoombombing' attacks.
(opens in new tab)- What is Zoom? How it works, tips and tricks and best alternatives
- Here's our list of the best Zoom backgrounds (opens in new tab) on the market
- Best video conferencing software 2020: free and paid solutions for business
Zoom dark web
"It is common for web services that serve consumers to be targeted by this type of activity, which typically involves bad actors testing large numbers of already compromised credentials from other platforms to see if users have reused them elsewhere," a Zoom spokesperson told TechRadar Pro.
"This kind of attack generally does not affect our large enterprise customers that use their own single sign-on systems. We have already hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials."
"We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts.”
Zoom has seen a huge level of scrutiny in recent weeks as its user base has soared due to the rise of working from home during the coronavirus outbreak.
The company has faced severe criticism after reports surfaced of traffic being routed through China. It has also been slammed for a lack of proper security and encryption measures and other privacy-related issues such as hackers being able to eavesdrop into calls, records of meetings available publicly on the internet, and uninvited attendees able to hijack calls.
Zoom announced earlier this week that it has appointed former Facebook security chief Alex Stamos as an adviser as safety and privacy concerns, and has also halted development of software updates to focus solely on safeguarding its service.
Among the other institutions to have blocked the use of Zoom so far are the German Foreign Ministry and the entire Taiwanese government.
- The best online collaboration tools in 2020
Via Bleeping Computer (opens in new tab)
