Monday, Sep 21, 2020 | Last Update : 06:36 PM IST

180th Day Of Lockdown

Maharashtra118801585793332216 Andhra Pradesh6177765307115302 Tamil Nadu5364774812738751 Karnataka5113454048417922 Uttar Pradesh3362942632884771 Delhi2347011981034877 West Bengal2155801870614183 Telangana1713061397001033 Odisha167161133466722 Bihar164224149722855 Assam150349121610528 Kerala12221687341490 Gujarat119088999083271 Rajasthan109088906851293 Haryana103773816901069 Madhya Pradesh97906743981877 Punjab90032658182646 Chhatisgarh7777541111628 Jharkhand6710052807590 Jammu and Kashmir5971138521951 Uttarakhand3713924810460 Goa2678320844327 Puducherry2142816253431 Tripura2069612956222 Himachal Pradesh11190691997 Chandigarh92566062106 Manipur8430653951 Arunachal Pradesh6851496713 Nagaland5306407910 Meghalaya4356234232 Sikkim2119178923 Mizoram15069490
  Technology   In Other news  14 Apr 2020  Zoom security further compromised as 500,000 Zoom accounts sold on dark web, says report

Zoom security further compromised as 500,000 Zoom accounts sold on dark web, says report

THE ASIAN AGE | ASIAN AGE WEB DESK
Published : Apr 14, 2020, 4:30 pm IST
Updated : Apr 14, 2020, 6:54 pm IST

Hackers are selling users’ email addresses, passwords, personal meeting URLs and host keys, including of companies like Citibank

Vietnam’s Prime Minister Nguyen Xuan Phuc (on the right screen) addresses a live video conference on the special Association of Southeast Asian Nations (ASEAN) Plus Three Summit on the COVID-19 coronavirus pandemic in Hanoi on April 14, 2020 as South Korea's President Moon Jae-in, Japan's Prime Minister Shinzo Abe and China's Premier Li Keqiang are seen on left television screen. (Photo | AFP)
 Vietnam’s Prime Minister Nguyen Xuan Phuc (on the right screen) addresses a live video conference on the special Association of Southeast Asian Nations (ASEAN) Plus Three Summit on the COVID-19 coronavirus pandemic in Hanoi on April 14, 2020 as South Korea's President Moon Jae-in, Japan's Prime Minister Shinzo Abe and China's Premier Li Keqiang are seen on left television screen. (Photo | AFP)

Chennai: Hacked Zoom accounts are reportedly being sold on the dark web where hackers can buy details of users’ passwords and email addresses, making them vulnerable to phishing and identity theft.

Cybersecurity firm Cyble saw a spike in Zoom accounts being sold since April, a report by BleepingComputer said. 

 

Over 500,000 Zoom account credentials were being sold to hackers, some of them genuine, Cyble was reported as saying. These were being used for Zoombombing by hackers—showing up on private meetings uninvited.

The credentials being sold were from earlier hacks, reports said. That is, if a Zoom account holder was using the same password as on his/her email or other apps, which might have been hacked before, hackers gained easy access to the person’s Zoom account using the same password.

The hackers then collected the Zoom account details and put them on sale online.

Cyble's experts were able to purchase 530,000 credentials such as email addresses, paswords, personal meeting URLs and host keys (a 6-digit pin number used to host Zoom meetings) for as little $0.002 per account. Some were even available free of cost.

 

Some of these account details were verified by Cyble, which confirmed they belonged some high-profile clients of theirs. 

Chase and Citibank were among big companies whose Zoom credentials had been sold by hackers, the cybersecurity firm said.

Zoom had become the go-to videoconferencing web and mobile app as countries restricted movement of people to fight the coronavirus pandemic and most people began working from home and socialising online through video meetings.

As popular as it became, Zoom has also been facing major security issues. Apart from hackers Zoombombing meetings, the videoconferencing company was also criticised for routing calls through servers in China.

 

Although CEO Eric Yuan apologised for what he called a mistake, data privacy advocates warned that using Chinese servers and Chinese encryption keys made the Zoom meetings open to eavesdropping by the Chinese government.

Other problems Zoom faced included data from the app being sent to Facebook on Apple devices, which Zoom is said to fixed since.

Due to the hacks and data breaches, companies such as Google and Spacex banned its employees from using Zoom on their office laptops. Even the Government of India sent out an advisory asking government officials to shun third-party apps as they are unsecure.

Tags: zoom videoconferencing app, hackers, dark web, emails, common passwords, data privacy, cybersecurity, data breach