Over 500,000 Zoom accounts sold on Dark Web Hacker Forums
You can buy Zoom accounts on the dark web hacker market for just under a penny
Last week headlines had been full of Zoom video messengers zoombombing and zoomraiding. Unknown persons could access Zoom video conferences and spread their malicious agenda. Many of us wondered how did the unknown persons get access to the Zoom accounts in the first place. It seems the Zoom accounts are a hot and relatively cheap commodity on the dark web hacker markets.
A cybersecurity intelligence firm, Cyble was able to purchase about 530,000 Zoom accounts from a hacker on the dark web, according to a report. Cyble paid just about $0.002 or 0.15 paise per Zoom account for the acquisition. Cyble found out that the purchased Zoom accounts were of varied sources. Most of these Zoom login ids and passwords were gathered through credential stuffing attacks where hackers use older stolen accounts to login into the Zoom video messenger. The user ids and passwords that are successful in accessing Zoom are then compiled into a list and sold on the hacker forums on the dark web.
Cyble also said that some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Of the 1000s of Zoom accounts given for free, nearly 290 belonged to top-rated United States Universities like the University of Vermont, University of Colorado, Dartmouth, Lafayette, University of Florida, etc.
The purchased accounts include details such as email address, password, meeting web address and host key, which is a six-digit pin assigned to a user hosting a Zoom meeting. The host key allows a person to control a zoom meeting, including starting a live stream and ending it for all participants.