Hundreds of thousands of stolen Zoom accounts for sale on hacker forums for next to nothing
Problems for Zoom and users of the videoconferencing software seem just about unending. Following on from the revelation that a number of account credentials were available on the dark web, a new report shows that in fact there are credentials for hundreds of thousands of accounts available on hacking forums.
In all, over half a million account details have been found available -- some sold for fractions of a penny, and others made available completely free of charge.
- Zoom will soon let some users choose which countries their data is routed through
- Zoom is taking steps to improve privacy and security, and to prevent Zoombombing
- Google bans Zoom and the US senate warns against its use
News of the availability of more than 500,000 Zoom accounts comes courtesy of BleepingComputer after it spoke with cybersecurity firm Cyble. The company noticed a huge number of account details available for sale at the beginning of the month; it was even able to make a bulk purchase of 530,000 email, password, meeting ID and host PIN combinations for a mere $0.002 per account.
At least a portion of the credentials were found to be genuine, and a number of them -- including some relating to universities -- were made available for free. Some of the accounts details that were for sale belonged to large companies.
However, some of the passwords were found to be old, suggesting that a percentage of the information may have been obtained from historic credential stuffing attacks.
In response to the new, Abe Smith, head of international at Zoom,issued a statement saying:
It is common for web services that serve consumers to be targeted by this type of activity, which typically involves bad actors testing large numbers of already compromised credentials from other platforms to see if users have reused them elsewhere. This kind of attack generally does not affect our large enterprise customers that use their own single sign-on systems. We have already hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials. We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts.