Security suspicions surrounding popular video calling app Zoom continue to get worse with time as a new report arose stating another issue. Apparently, hundreds of thousands of Zoom accounts are being sold or given away for free on the dark web and hacker forums.
This report comes a few weeks after concerns about the app’s security started making headlines. The complaints had even prompted an investigation from the FBI after cases of porn hack began to arise. Now, with this new claim, you would only expect things to get worse for Zoom.
However, the dubious availability of Zoom accounts on the dark web seems to not be a direct consequence of the app’s negligence. They are accounts that have been accessed by hackers after attempting to log in to random accounts. Any successful logins are then immediately compiled into lists and sold on or offered for free to other hackers. This is with the aim of using them in zoom-bombing pranks or just for outrightly spiteful reasons.
As reported, the accounts are being shared via text sharing sites as lists of email addresses and password combinations. The credentials include someone’s email address, password, personal meeting URL and their HostKey.
A cybersecurity firm, Cyble, attempted to bid for and was able to purchase 530,000 Zoom accounts and credentials for only $0.0020 per account. The firm went ahead to report that the accounts began appearing in the hacker community at the beginning of this month as attackers try to build their reputation.
So, it might very well be crucial to change your account credentials as fast as possible since you never know when an attacker could get to your account next. And with such numbers already, you can’t help but fear for more attacks as time goes. Alternatively, you can check if your email address has been leaked in stat breaches using the Have I Been Pwned website or Cyble’s AmIBreached data breach notification service.