Five lakh Zoom accounts are being sold on dark web
Zoom, the video conferencing service that shot to fame in the wake of the COVID-19 crisis and then became a center of multiple controversies, has been hit by another pressing issue. A group of cybersecurity experts has discovered that more than 5 lakh accounts active on the service have been compromised and are being sold on the dark web. Here's all about it.
Accounts being sold at hacker forums
According to cyber risk assessment experts at Cyble, around 530,000 Zoom accounts have been on sale on underground hacker forums since April 1. The compiled list was shared through text-sharing sites, where the threat actors kept posting Zoom account emails, the passwords associated with them as well as personal meeting URLs and Zoom host keys needed for joining calls.
Anyone could buy these accounts at dirt cheap prices
In the stolen batch of credentials, some accounts were being offered at dirt cheap prices, which is less than a penny per account, while others were given away for free. Notably, the free batch of accounts included credentials of Cyble's clients as well as those of students and teachers at the University of Vermont, University of Colorado, Dartmouth, Lafayette, and the University of Florida.
So, how the hackers got access to these credentials
The teams at Cyble and Bleeping Computer contacted the emails being sold and confirmed that the credentials were valid. However, in at least one case, a Zoom user confirmed that their details were old, which indicates that the account IDs-passwords have been gathered using credential stuffing - the attack in which hackers use previously-leaked credentials to see if they work on a particular service.
Credentials might have been changed on other services
Now, if these credentials are really from old breaches, the email and password combinations in question might just work on Zoom - and not on other services. But, even if this is just for Zoom, the free access could easily be exploited by malicious actors for Zoom bombing or other ill-intended activities involving the unauthorized use of someone else's account.
How to protect your account?
In order to keep your Zoom and other accounts protected, use a unique password for each service. Also, check sites like Have I been pwned to make sure that the password that has already been breached isn't used anywhere else.
