Cybersecurity research firm Cyble says it has found information of Zoom users on the Dark Web. Specifically, the team acquired data from 530,00 users that was being sold on the dark web by hackers. Cyble says it has been seeing Zoom accounts become available since the start of April and credentials have become more available since. Among the listed credentials were from Lafayette, Chase, Citibank, the University of Vermont, Colorado, Florida, and Dartmouth. The researchers were able to acquire the information by approaching the hackers. The bad actors were willing to sell for a low amount of $0.0020 for each account. Included in the hacked credentials were email addresses, passwords, personal meeting URLs, and HostKeys. Personal meeting URLs are interesting. Last month, Zoom Bombing because common as bad actors would enter open meetings and post abuse or bad content. At the time, Zoom advised people to use personal meeting URLs and Waiting Rooms to vet participants before starting a meeting. In a follow up investigation, Bleeping Computer contacted some of the email addresses from the dump and found they were genuine.
Zoom Problems
Since becoming the go-to video communication platform during the coronavirus outbreak, Zoom has had its fair share of problems. For example, bad actors have been infiltrating meetings and ZoomBoming participants. The company also removed data sharing with Facebook over concerns regarding GDPR rules. This week it emerged a vulnerability has been found that allows hackers to get the Windows login details of users. Last week, the company’s CEO, Eric S. Yuan said the company did not expect to see a growth in popularity and was not prepared for it. To help expediate fixes for problems on the platform, Zoom has cancelled all new feature development for 90 days. Last week, Google became the latest high-profile organization to ban its staff from using Zoom.