Thousands of Zoom accounts are sold on the deep web and in hacker forums

Since the implementation of containment measures in schools and businesses in countries affected by the coronavirus, the number of Zoom users has increased dramatically, from 10 million a day last December to 200 million in March 2020.

But it seems that the platform has been the victim of various attacks made by Hagaks and have taken advantage of the vulnerabilities of Zoom and is that In addition to the bogus features it offered, Zoom is increasingly the subject of criticism on aspects of its security and the breach of the privacy of its users.

And is that with the failures that were made known in past days, now hundreds of thousands of accounts have been sold on the deep web and hacker forums and other identifying information is even distributed free of charge. This information includes the victim's email address, password, link to the personal meeting number, and the host's password.

The information was disclosed by cybersecurity firm Cyble, which bought 530,000 accounts for just under 1,000 euros.

The accounts offered for free on hacker forums would allow criminals to use them in various malicious activities. These identifiers could be collected using the "credential stuffing" technique, which involves using account information from other previously stolen sites to connect to Zoom.

“It is common for web services that serve consumers to be the target of this type of activity, which typically involves criminals testing a large number of already compromised credentials from other platforms to see if users have them reused elsewhere.

This type of attack generally does not affect our large corporate clients who use their own single sign-on systems. We've already hired several intelligence companies to find these password dumps and the tools used to create them, as well as one company that has shut down thousands of websites that are trying to trick users into downloading malware or dropping their credentials. We continue investigating »

For its part, the company (Zoom) has announced new measures to strengthen the security of the platform, even though this last minute implementation has been done too late.

“The Zoom team has worked hard to provide additional features that make your Zoom meetings and webinars even more secure. This weekend's release included additional password protections, one of the best options for securing your meetings and webinars «

This is the list of the new measures:

• Password requirements: For meetings and webinars, account owners and administrators can now configure the minimum meeting password requirements to adjust the minimum length and request letters, numbers, and special characters, or allow only numeric passwords.
• Random meeting identifiers: Random meeting unique IDs for newly scheduled meetings and webinars will be 11 digits instead of 9.
• Cloud recordings: password protection for shared cloud recordings is now enabled by default for all accounts. The complexity of passwords in your cloud recordings has been improved, while existing shared records are not affected.
• Share files with third parties: You can reuse third-party platforms, such as Box, Dropbox, and OneDrive, to share files on the Zoom platform. This feature has been temporarily disabled and will be restored after a full security review of the process.
• Zoom Chat Message Preview: Zoom Chat users can hide message preview for desktop chat notifications. If this feature is disabled, you will simply be notified that you have a new message without viewing the content of the message.

Furthermore, even though platforms like Zoom are increasing security measures, hackers will be able to obtain credentials if users use the same password and identifier combinations.