- The Zoom credentials are reportedly gathered through ‘Credential Stuffing’ attack where hackers attempt to login to accounts through earlier data breaches
- Zoom account credentials include email address, passwords, personal meeting URLs, and HostKeys.
- There are ways to check if your email address has been leaked in data breaches
Popular video conference app Zoom has been hit by hackers as over 500,000 Zoom accounts are being sold on the dark web and hacker forums practically for free, according to a report from the Bleeping Computer. These credentials are apparently gathered through credential stuffing attacks where hackers attempt to login to accounts through earlier data breaches. These attacks are not unique to Zoom, the report said. Successful Zoom logins are being compiled into a list and are sold to hackers who are using them to pull pranks, such as Zoombombing, and other malicious activities. According to the cybersecurity intelligence firm Cyble, they’ve started spotting free Zoom accounts from April 1st, 2020 on the hacker forum.
Furthermore, 290 accounts belonging to colleges such as the University of Vermont, University of Colorado, Dartmouth, Lafayette, University of Florida, and some accounts related to Citibank, Chase and others. Zoom account credentials include email address, passwords, personal meeting URLs, and HostKeys. Bleeping Computer and Cyble claim that they were able to verify some of these accounts and the credentials are valid. Since so many accounts are stake, protecting your account should be of a primary focus at the moment and here’s how you can do it.
How to protect your Zoom account
- Since the Zoom accounts are being hacked using the Credential stuffing, there’s only one way to protect — changing the password and using a unique password for every site you register an account.
- Alternatively, you can check if your email address has been leaked in the data breach via Have I Been Pwned or AmIBreached. These have a list of data breaches containing your email address.
- Zoom was recently updated to use passwords by default. Do not turn off this feature.
- Monitor number of participants in the Zoom meeting and if the list exceeds 12 members, consider it as a red flag.
- If you’re hosting the meeting, change the screen sharing to ‘host-only’ so any unknown participant cannot share malicious content and Disable the ‘join before host’ and ‘allow removed participants to rejoin’ options.