US, WASHINGTON (ORDO NEWS) — Hackers put up for sale on the darknet a little more than half a million accounts of Zoom video conferencing service, reports The Sunday Times.
Access to them was acquired by Cyble, an information security company, for a symbolic price of $ 1,000. The seller was a Russian-speaking user.
Logins were put up for sale at 1.25 cents for each and were discovered and purchased by Cyble, a cybersecurity company, the newspaper writes. Logins were purchased from a Russian-speaking user, and the deal was discussed through anonymous messages on Telegram. Cyble confirmed the authenticity of the database, as some accounts belonged to the company’s customers.
The cyber fraudsters’ data included email addresses, logins and passwords, chat links, and pin codes for managing video conferencing.
Due to the coronavirus pandemic and the massive transition of companies and schools to the remote format, the number of Zoom users has increased. So, according to the newspaper in December last year, about 10 million people used the service per day, and in March – 200 million people.
A global surge in the use of the Zoom service occurred during the coronavirus pandemic, when companies and educational institutions switched to a remote work format. Back in December, the daily audience of the service did not exceed 10 million people, and in March the number of users exceeded 200 million.
Over the past three months, Zoom has risen 132%, bringing market capitalization to $ 47.18 billion. The company became one of the beneficiaries of the coronavirus pandemic when people began to study and work remotely. But the increase in the use of Zoom is associated not only with work: in the video conferencing service, for example, there are even virtual night clubs, for which users pay real money for entering.
However, Zoom was harshly criticized after reports that the platform did not provide end-to-end encryption, transmitted data to Facebook and generally did not provide sufficient privacy protection. In addition, Zoom has increased the influx of Internet trolls who invade the conversation, swear and broadcast inappropriate content with explicit content.
Zoom was even sued amid allegations that it hid flaws in its application and ignored cases where online trolls invaded web meetings and distributed obscene content there.
Zoom is often used for work meetings, but large companies, one after another, forbid their employees to conduct video conferences in the popular service.
Typically, popular web services are targeted when fraudsters test a large number of already compromised accounts from other platforms to see if they have been reused, Zoom said. The company also noted that it hired several online intelligence firms to look for these password dumps and the tools used to create them, as well as a company that closed thousands of websites trying to trick users into downloading malware or abandoning their credentials.
This is not the first time that a major leak of personal data of Zoom users has occurred. So, in mid-April, about half a million user accounts of video services were also found on hacker forums. They were priced at $ 0.002 apiece. Some accounts were shared in the framework of previous hacking hacks, and some turned out to be genuine and refer to the spring of 2020.
TIME reported earlier that Zoom was used not only by Internet jokers, but also by foreign spies from Russia, China, Iran and North Korea, who, according to the publication, aimed at corporate video chats of Americans.
Moreover, Zoom is more vulnerable to Chinese cyber-spyware intrusion, as some encryption keys are routed through Chinese servers, according to a report by The Citizen Lab research group at the University of Toronto. Zoom owns three companies in China, in which at least 700 employees are paid for the development of Zoom software.
Contact us: email@example.com