National Chronicle
Auto/Tech Top News

Over 500,000 Hacked Zoom Accounts Sold on the Dark Web

Over 500,000 Hacked Zoom Accounts Sold on the Dark Web

Over 500,000 Hacked Zoom Accounts Sold on the Dark Web

Cybersecurity investigators discovered that more than 500,000 credentials of those who attended the office’s conference calls via the video conferencing app, Zoom were either sold or given away for free on the Dark Web.

For those who don’t know, Zoom has recently seen a surge in popularity as more and more people are forced to work from home in the midst of the coronavirus pandemic (COVID-19).

Discovered by cybersecurity intelligence firm Cyble, the accounts were sold on hacker forums for less than a penny each per account, while some of them were given away in bulk for free.

Cyble was able to purchase 530,000 Zoom credentials for $ 0.0020 per account, which included details such as email addresses, passwords, personal meeting URLs, and Zoom host keys (a six-digit pin linked to the owner’s account).

What is Aarogya Setu app, how it works

Several accounts for sale belonged to institutions or companies, including Citibank, Chase, and more, as well as universities and colleges such as the University of Vermont, Dartmouth, Lafayette, the University of Florida, the University of Colorado, and others.

Both Bleeping Computer and Cyble verified the authenticity of the accounts of some of their clients and confirmed that they were valid.

Zoom accounts started appearing for sale around April 1, and hackers offered the accounts to gain a greater reputation among hacker communities, Cyble told BleepingComputer.

According to the report, the accounts for sale on the dark web are the result of “credential stuffing attacks” and not a Zoom hack. This means that hackers used password and email combinations obtained through accounts leaked in older data breaches to test them against Zoom accounts.

Successful logins are compiled into lists that are sold or offered free to other hackers, so that they can use them in zoom-bombardment pranks (in which uninvited attendees disrupt meetings with hateful or pornographic content) and malicious activities.

Accounts are reportedly shared through text-exchange sites where compiled lists of email addresses and password combinations are published.

Over 500,000 Hacked Zoom Accounts Sold on the Dark Web
Over 500,000 Hacked Zoom Accounts Sold on the Dark Web

How to verify if your Zoom account was hacked?

If you are concerned that your email address has been leaked, you can verify it using the Have I Been Pwned and Cyble Amibreached data breach notification service and change your  password, especially if the same password is used elsewhere.

To prevent your account details from leaking, we recommend that you use unique passwords for each website, service, and applications you use.

Zoom has been getting a backlash over neglected privacy and security protections. The company’s CEO, Eric Yuan, also acknowledged the concerns, saying: “[We acknowledge] that we have not met the privacy and security expectations of the community, and ours. So I’m very sorry. ”

Zoom recently announced a 90-day feature freeze and devoted its resources to identifying, addressing, and troubleshooting existing security issues within the service. During this period, no new features will be implemented until the current feature set is fixed.

Related posts

Sweden to join India’s ‘Shukrayan’ mission, to be launch in 2024-26

Team NC

Delhi Police conducts raids to nab killer seen in CCTV footage

Team NC

In the premium smartphone market, Vivo buried ‘flags’ with 504% growth, became number-2 for the first time, know who is number 1

Team NC

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More