Over 500,000 Zoom Accounts for Sale on the Dark Web
As remote workers across the globe turn to video conferences, Zoom has quickly become an essential service for many. Unfortunately, the free service’s rapid growth means that cybercriminals have found an easy target for their schemes. Zoom-bombing, a phenomenon in which people intrude into virtual meetings, has been a primary issue for the service as its membership has increased by over 100 million since March. Criminals are now intensifying their attacks. In the most recent attack, over 500,000 Zoom accounts were breached and sold on hacker forums and the dark web for less than a penny each.
Some of the Zoom account credentials being sold for only $0.0020 have been linked to well-known organizations and educational institutions including Citibank, Chase, and the University of Florida, among others. Each purchased account included the victim’s email address, password, personal meeting URL, and Zoom HostKey, which allows a Zoom meeting host to control virtual meetings. Other accounts are being distributed on hacker forums completely free of charge, with the sole purpose of gaining reputation in the hacking community.
According to bleepingcomputer.com, “These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.”
Credential stuffing is a cyberattack method in which attackers use lists of known valid credentials obtained from data breaches to attempt to break into other accounts. Because many people reuse passwords from account to account, these attacks yield a high success rate and are popular in the hacker community.
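From the defender's side, the pattern described above is visible in login logs: one source tries many different accounts in a short time and mostly fails. The following is an added example, not part of the original article; the log format, sample entries, and thresholds are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format, documentation-range IPs).
SAMPLE_LOG = """\
2020-04-13T10:00:01 user=ann@example.com ip=203.0.113.7 result=FAIL
2020-04-13T10:00:02 user=bob@example.com ip=203.0.113.7 result=FAIL
2020-04-13T10:00:03 user=cat@example.com ip=203.0.113.7 result=FAIL
2020-04-13T10:00:04 user=dan@example.com ip=203.0.113.7 result=FAIL
2020-04-13T10:00:05 user=eve@example.com ip=203.0.113.7 result=OK
2020-04-13T10:01:00 user=gus@example.com ip=198.51.100.20 result=FAIL
2020-04-13T10:01:20 user=gus@example.com ip=198.51.100.20 result=OK
2020-04-13T10:02:00 user=hal@example.com ip=198.51.100.50 result=OK
2020-04-13T10:02:05 user=ida@example.com ip=198.51.100.50 result=OK
2020-04-13T10:02:10 user=jon@example.com ip=198.51.100.50 result=OK
2020-04-13T10:02:15 user=kim@example.com ip=198.51.100.50 result=OK
"""
LINE_RE = re.compile(r"^(\S+) user=(\S+) ip=(\S+) result=(OK|FAIL)$")

def parse(log):
    """Return sorted (time, user, ip, success) tuples; malformed lines are skipped."""
    rows = (LINE_RE.match(line.strip()) for line in log.splitlines())
    return sorted((datetime.fromisoformat(m[1]), m[2].lower(), m[3], m[4] == "OK")
                  for m in rows if m)

def detect_stuffing(events, window=timedelta(minutes=5), min_users=4, min_fail=0.8):
    """Flag sources that try many distinct accounts in one window and mostly fail."""
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[2]].append(ev)
    findings = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide the window forward
                start += 1
            chunk = evs[start:end + 1]
            users = {e[1] for e in chunk}
            fails = sum(not e[3] for e in chunk)
            if len(users) >= min_users and fails / len(chunk) >= min_fail:
                # Any account that logged in from a flagged source needs a reset.
                findings[ip] = sorted({e[1] for e in evs if e[3]})
                break
    return findings

if __name__ == "__main__":
    print(detect_stuffing(parse(SAMPLE_LOG)))
```

Neither the single user who mistypes a password nor the shared address with several successful logins is flagged, because neither combines many distinct accounts with a high failure rate. A per-source rule like this only sees attempts that arrive from one address within the window, so it belongs alongside account-level signals and unique passwords, not in place of them.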
While this latest attack specifically targeted Zoom, every organization is potentially at risk of being affected by a credential stuffing attack. As cybercriminals continue to search for ways to maliciously target remote workers, it is crucial to ensure that you are using a unique password for each of your online accounts. That way, in the event that one of your accounts is breached and an attacker gains access to your login credentials, they will not be able to use that information to hack into your other accounts.
Consider using a password manager for easy-access storage of your unique passwords and to keep your account credentials as safe as possible.
For more information about the Zoom data breach, visit https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/