With millions of office workers now using Zoom from home, opportunistic hackers are stealing their Zoom credentials and selling them on the dark web. According to a recent investigation by IntSights’ researchers, hackers have shared a database containing more than 2,300 usernames and passwords to Zoom accounts on dark web forums.
The exposed database contains usernames and passwords of personal Zoom accounts, including corporate accounts belonging to banks, consultancy companies, educational facilities, software vendors, and healthcare providers.
In addition to the credentials, some of the accounts include meeting IDs, email and passwords, names, and host keys. Researchers also highlighted that they’ve found various posts and threads of dark web forum members discussing different approaches of targeting Zoom’s conferencing services.
This will be one more blow for Zoom, as the company is already suffering severe criticism and cyberthreats globally. Recently, a cybersecurity expert Mitch@_g0dmode discovered that Zoom’s video conferencing software for Windows is vulnerable to “UNC path injection” flaw that could let hackers steal Windows passwords and execute arbitrary commands on their devices. Soon after the vulnerability was identified, the company fixed the issue by releasing a patch.
The FBI has also slammed Zoom for not maintaining proper privacy and security measures for its users. The authorities also warned that the video meeting app is prone to hacking, as it contains certain unpatched bugs.
Taiwan Government Bans Zoom
The government of Taiwan announced a ban on the official use of Zoom. In an official statement, the Executive Yuan stated that all government agencies and certain non-government organizations are restricted to hold video conferencing calls using Zoom, citing security and privacy concerns. As an alternative, the government recommended agencies to use video conferencing software offered by other companies, like Google and Microsoft.
Taiwan is not the only one to bar Zoom services. Recently, New York City officials stated that schools in the City will no longer be allowed to use Zoom for online teaching. Australia’s Defense Force and its MPs are also barred from using Zoom services.