5 Lakh Zoom Accounts Sold On Dark Web For Almost Nothing

Zoom is currently the most popular video conferencing apps across the globe, used by schools, companies, and individuals to stay connected with one another amidst lockdown. It is a free tool that anyone can use, and due to the increase in popularity, the service has become more vulnerable to hackers.

According to the latest report from Bleeping Computer, over five lakh zoom user credentials have been hacked and sold on the dark web for less than a penny per account. The report also suggests that these credentials have been obtained using stuffing attacks on users by force login attempts and the successful credentials will be compiled into a list, which will be sold to hackers by various means.

These Zoom IDs will be used by hackers to zoom bomb certain conferences and can also be used to conduct illegal businesses. Another report from a publication named Cyble suggests that hackers have started to upload this information on various hacker forums to increase their reputation.

What Does The Leaked List Contain?

A leaked Zoom credential will include an e-mail ID, password, personal meeting URL, and a HostKey. A hacker might use this information to get control of the e-mail and can also be used to send spam messages to the people in the contact.

Not just that, the same credentials can also be used to access other services like social media sites and banking accounts, which is why keeping a separate password for each account is important.

How To Prevent Your Zoom Account?

Do not set up a generic password, which is easy to guess and always use a complex alpha-numeric text, which will be hard to guess. Try to use two-factor authentication wherever possible, which will gain prevent brute force login. Lastly, do not use these services from an unknown network or a public computer.

Via