Zoom app hijackers disrupting calls with pornographic and hateful imagery

(Image credit: Shutterstock)

Anonymous individuals are hijacking and disrupting Zoom video conferences held by schools and businesses, the US Federal Bureau of Investigation (FBI) has warned.

Having infiltrated the conference, hijackers are reportedly displaying pornographic, profane and hateful imagery to attendees. Some are doing so with the intention of posting videos to social media.

Cyberattacks of this variety have gained in popularity in recent weeks, as millions of students and employees turn to online video conferencing amid coronavirus quarantine mandates.

Dashlane Password Manager, now with a free VPN
Dashlane Premium

Make careless data decisions history with our dark web monitoring and alerts. Get Dashlane for seamless, private 'interneting' with 2FA (two-factor authentication) by default. Your privacy matters to us‎ so that’s why there's no limit on devices or passwords stored or shared.

While the extent of damage caused by trolling attacks is comparatively minimal (as victims are not infected with any form of malware), disruption could take its toll on organisations already struggling to navigate the global crisis.

Zapped by Zoom? Here's 20% off Ringcentral Office

Zapped by Zoom? Here's 20% off Ringcentral Office
Integrated video conferencing, screen sharing and messaging for teams big and small. Get more done before, during, and after meetings with fully integrated messaging and a modern business phone system. Join Ringcentral Office and get the first month free, buy a phone and get another for free plus 20% off. This is a limited time offer.

'Zoom-bombing' attacks

Zoom has experienced a sharp rise in traffic in recent weeks, with the app downloaded more than 50 million times on Google Play store alone. The company's market valuation, meanwhile, has rocketed to $42 billion - up from $16 billion in 2019.

The firm has issued patches for a series of vulnerabilities over the past year, some of which allowed attackers to discover and infiltrate insecure video conferences. However, recent reports suggest hijacking remains a widespread issue. 

“The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” said a warning published by the intelligence body.

“As large numbers of people turn to video-teleconferencing (VTC) platforms to stay connected in the wake of the Covid-19 crisis, reports of VTC hijacking (also called ‘Zoom-bombing’) are emerging nationwide.”

In one such incident, an unknown individual joined an online class taking place over Zoom, shouted profanities and revealed the teacher’s personal address. In another case reported to the FBI, an unidentified conference attendee paraded a set of swastika tattoos.

Fast food chain Chipotle was also forced to abandon a Zoom call after an individual broadcasted pornography to the hundreds of participants in attendance.

To avoid incidents of this kind, the FBI has advised schools and businesses adhere to the following guidelines:

- Do not make meetings or classrooms public
- Do not share Zoom conference links on public social media
- Manage screen-sharing options
- Ensure users keep their Zoom clients up to date
- Ensure your organisation's telework policy addresses requirements for physical and information security

Via Bleeping Computer

Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.