Over 500,000 Zoom accounts sold on the dark web

Tuesday 14 April 2020 12:36 CET | News

Security Affairs has reported that over 500,000 Zoom accounts are available for sale on the dark web and hacker forums. 

Sellers are advertising them for .0020 cents each, while in some cases they are offered for free. The account credentials was not stolen by Zoom, instead, it appears the result of credential stuffing attacks that leverage records from third-party data breaches.

The data were first discovered by experts at cybersecurity intelligence company Cyble. Moreover, lists of email addresses and associated passwords were published on text sharing sites. Cyble purchased more than 530,000 on an underground hacking forum and verified that the credentials were valid, account data includes a victim’s email address, password, personal meeting URL, and their host key. In addition, a sample analysed by Bleeping computer composed of 290 accounts included credentials of accounts for many colleges, including the University of Vermont, University of Colorado, Dartmouth, Lafayette, University of Florida.

Recently researchers at IntSight discovered a database available on an underground forum in the dark web that contained more than 2,300 compromised Zoom credentials. Some of the records also included meeting IDs, names, and host keys. The archive comprised credentials for Zoom accounts belonging to organisations in various industries, such as banking, consultancy, healthcare software companies.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: ZoOm, accounts, dark web, attacks, hacker forums, fraud, seller, cybersecurity, intelligence, credentials, banking
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime