Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than $0.01, and in some cases, given away for free, via Bleeping Computer.
These credentials are gathered through credential stuffing attacks where cybercriminals attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled and sold to other hackers. The company has been undergoing a long and highly publicized series of security issues with their service, and this could be one of the outcoming consequences.
Some of the accounts are being offered for free on hacker forums so that they can be used for zoom-bombing pranks and other malicious activity.
Cybersecurity intelligence firm Cyble says that around 1 April 2020, they began to see free Zoom accounts being posted on hacker forums to gain increased reputations amongst hacker communities.
These accounts are shared via text-sharing sites where cybercriminals are posting lists of email addresses and password combinations.
Bleeping Computer has confirmed that many of the credentials are correct as they have been contacting emails on the list to test their authenticity.
After seeing a seller post accounts on a hacker forum, Cyble resorted to purchasing a large number of the accounts in bulk so that they could be used to warn their customers of the potential breach.
Cyble was able to purchase approximately 530,000 Zoom credentials for less than a penny each at $0.0020 per account.
The purchased accounts include a victim’s email address, password, personal meeting URL, and their HostKey.
Some of the accounts Cyble purchased include ones for well-known companies like Chase, Citibank, as well as several educational institutions and more.
For the accounts that belonged to clients of Cyble, the intelligence firm was able to confirm with Bleeping Computer that they were valid account credentials.
Last week, Zoom’s CEO Eric Yuan publicly apologized for Zoom’s shortcomings with security and privacy, promising that his team is hard at work to fix these issues.
