Attackers published Zoom passwords and links, on Dark Web Forum. This is only one of the ways cybercriminals take advantage of the Coronavirus crisis besides disinformation, fraud, malware and phishing campaigns.
Since most of the companies closed their offices, the employees work from home and use a lot remote desktop protocols and video communication platforms. So, this appeared as an opportunity for the attackers.
Zoom proved to be vulnerable
Cybersecurity specialists discovered recently more vulnerabilities with the Zoom client. Those allowed attackers to steal Windows passwords. Also, they could escalate privileges with macOS.
IntSights‘s researchers discovered in the dark web forums a database with more than 2,300 usernames and passwords of Zoom accounts. Also, the same database incorporated personal accounts, but also accounts belonging to banks, healthcare institutions, consultancy companies and educational facilities.
They also spotted some posts in which villains were asking for details on how to join Zoom conferences. Also, some of the users there were talking about Zoom checkers and credentials. Thus, one of them suggested a configuration of a web testing suite. OpenBullet allows performance of different tests on targeted web applications. Then, he said that with the mentioned configuration users could capture meeting URLs, host keys, full names, meeting ids, and even account types.
FBI (USA) and NCSC (UK) also already warned users to be cautious during the COVID-19 crisis, as the video-teleconferencing hijacking had emerged.
The most important recommendations are not to make the meetings public or share the meeting links in social media. Also, attendees should make sure that their meetings have a password enabled.
Zoom announced changes
In fact, Zoom also recently announced it made a change, so that it would not display meeting IDs on the title toolbar. Instead, the company decided that the title would be marked as Zoom.
As zoom passwords and links were stolen and cybercriminals use important lures, such as World Health Organization, to start malware attacks, it is important to know how to defend yourself from the online coronavirus threats, at home.