Zoom is trying to work its way out from some security and privacy scandals. But a new revelation has once again cast the video conferencing app into the wrong kind of spotlight.
Security researchers at cybersecurity firm Cyble have discovered more than 500,000 Zoom accounts and passwords for sale on the Dark Web and hacker forums, according to a report from Bleeping Computer.
The accounts, which included a variety of accounts from major corporations, were on sale for $0.0020, according to the report. With the purchase, buyers could get a person's e-mail address, password, personal meeting link, and the host key users can employ to host a meeting on the service.
"It is common for web services that serve consumers to be targeted by this type of activity, which typically involves bad actors testing large numbers of already compromised credentials from other platforms to see if users have reused them elsewhere," a Zoom spokesperson said in an e-mailed statement. "This kind of attack generally does not affect our large enterprise customers that use their own single sign-on systems."
The spokesperson added that Zoom has hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials. The company also said that it's locking compromised accounts and asking affected users to create more powerful passwords.
The revelation is just the latest in a string of security and privacy problems at Zoom. From reports of "Zoombombing," in which people gain unauthorized access to a meeting and shout obscenities at attendees, to concerns that corporate secrets could be stolen by snooping outsiders, Zoom has run into a host of problems since becoming the go-to video conference platform during shelter in place.
For its part, and perhaps to its credit, Zoom has acknowledged its problems and pledged to fix them. It has also patched its software to address some of the bigger issues.
But the work is clearly far from over. And more importantly, it appears hackers aren't slowing their efforts anytime soon. Indeed, with all of Zoom's problems, the number of hackers who may target the company might still be sizable.
So, where does that leave the users and companies that are still relying on Zoom? The fact is, credentials for a variety of services are always readily available on the Dark Web. And as concerning as it might be, there's a good chance that your company's other credentials are already out there.
That said, the leak is still concerning, since many users employ the same log-in credentials for multiple applications. For a price of less than one cent, a hacker can access at least one username and password and see if they can be used elsewhere. It's a common hacking technique and in far too many cases, it works.
So, if you're still using Zoom at your company and are concerned by the implications of your data being stolen, tell employees to use passwords they don't typically use for mission-critical applications. At the very least, that could get you a bit closer to protecting your data. After all, that's what many hackers want most.