Half A Million Zoom Accounts Reportedly Up For Sale By Hackers On Dark Web
There is some more bad news for Zoom and some of its users. Security researchers recently discovered that the dark web and hacker forums are host to over 500,000 compromised Zoom accounts being offered up for sale at dirt cheap prices. Some of them are being sold for a fraction of a penny, while others are being given away for free.
It almost feels like we are picking on Zoom at this point with so many headlines highlighting the company's security and privacy lapses in recent weeks. However, that is not the case. Zoom CEO Eric Yuan recently admitted that his video conferencing startup "moved too fast" in light of the COVID-19 outbreak and "had some missteps" along the way.
Part of the problem, according to Yuan, is that Zoom was designed with business users and enterprise environments in mind, where IT departments could ensure everything was secure. But with the Coronavirus pandemic raging, more people than ever find themselves working remotely, including less tech savvy users, and turning to Zoom.
Regardless of the reasons, Zoom faces several challenges at the moment, including a class action shareholder lawsuit.
As for the hacked accounts being offered up for sale, BleepingComputer says they are the result of "credential stuffing attacks," which is when a hacker tries to log into an account using credentials from previous data breaches (this is not unique to Zoom by any stretch). The ones that work are jotted down in a list, and then offered up for sale.
In this case, the compromised Zoom credentials began appearing on hacker forums around April 1. Some of them were initially offered for free, for the purposes of building up street cred for the party responsible. Others have been sold for small sums that add up in bulk.
These accounts are varied, as one might imagine. Some of them trace back to different universities, while others belong to employees of major banking institutions, such as Chase and Citibank.
If nothing else, this latest incident should serve as a reminder that it is important to use different login credentials for different services. Otherwise, a single hacked account can compromise multiple services.