USERNAMES and passwords linked to more than 500,000 Zoom accounts are up for sale online.
Credentials for the video-conferencing app are being sold on the dark web and hacker forums for less than a penny each and, in some cases, given away for free.
Experts at US cyber security firm Cyble first spotted hackers distributing Zoom accounts to one another earlier this month.
They told tech site Bleeping Computer that account details were likely gathered through "credential stuffing" attacks.
These attacks involve cyber crooks attempt to log in to accounts on various websites using username and password combinations leaked in other major breaches.
Zoom account credentials are being offered up so hackers can use them for zoom-bombing pranks and malicious activities, Bleeping Computer reports.
Zoom-bombing is the term for when uninvited pranksters "gate-crash" Zoom meetings, often bombarding attendees with disturbing or pornographic imagery.
Many of the compromised Zoom accounts were owned by Cyble clients, meaning the company was able to confirm the legitimacy of a large number of the leaked details.
The National Security Agency (NSA) warned of credential stuffing attacks in 2018.
They suggested that people who use the same usernames and passwords for multiple online accounts (both Facebook and Zoom, for instance) are particularly vulnerable to this type of attack.
"If your username and password is compromised from Company A—who suffered a data breach—and you use that same username and password to login to your social media account, then that account could also be in jeopardy," the NSA's statement read.
The agency urged internet users to immediately change their login details across all online platforms if a breach is detected.
Cyble echoed this sentiment, encouraging Zoom users to change their username and password as soon as possible.
The Sun has reached out to Zoom for comment.
What is Zoom?
Here's what you need to know…
- Popular chat app Zoom is best-known for offering video calls – including calls with huge numbers of people
- There's a free tier with unlimited meetings, but these group chats are capped at 40 minutes
- The most expensive tier gets you meetings with up to 1,000 participants, but there are cheaper options
- Perhaps the only downside is that Zoom has had privacy issues in the past, which may put some businesses off
How to change your Zoom password
Here are the steps given on Zoom's website:
- Sign in to the Zoom web portal.
- Click User Management > Users.
- Click the email address of the user who needs their password changed.
- Click Edit next to Sign-in Password.
- Enter the new password twice.
- Click Save Changes.
- You will be notified that changing the password will sign you out of all devices. Click OK to confirm.
In other news, a world first drone delivery service recently launched in Ireland.
Google Maps is gathering "mobility reports" showing hotspots where people are going during lockdown.
And, a conspiracy theory claiming 5G has caused the Covid-19 pandemic is doing the rounds on WhatsApp.
Are you using Zoom during a lockdown? Let us know in the comments…
Source: Read Full Article