In the dark-web, there are avalanche offers to sell stolen accounts on zoom. We are talking about hundreds of thousands of profiles, mostly offered for symbolic amounts, that can become a source of problems for many organizations.
A worrying trend was discovered by security researchers from Cyble. By monitoring the dark web, they hit about 10 000 people. 530,000 stolen accounts to the Zoom video conference platform, available for sale. The profiles offered included email addresses, passwords, personal addresses of individual users’ rooms, and individual host keys.
How can criminals use stolen accounts? The simplest use is to involve them in zoom-bombing attacks, consisting in participating in someone else’s meetings solely for the purpose of vandalizing them. Such incidents have plagued many organizations in recent weeks. However, it could potentially be much more dangerous for criminals to take over a working Zoom account of one of the company’s employees. In this way, they can impersonate a person in your organization and extort sensitive information from other employees or contractors of the company by carrying out a phishing attack on them.
– Although the sudden increase in the interest of hackers with zoom platform is worrying, it is no surprise. Criminals are directing their efforts where they can make the most profit. At a time of rapid increase in zoom’s popularity and implementation by other organizations, often without full knowledge of how to use it safely, it was predictable that criminals would focus on it as well- comments Kamil Sadkowski, senior threat analyst at ESET.
The accounts available for sale were mostly to be stolen using repeated login details collected as a result of a leak from other services. This means that the fault for such incidents lies with users and their failure to use proper password hygiene. The same method can, moreover, be used to steal accounts in many other services and websites. However, as Kamil Sadkowski of ESET reassures, such situations can be protected relatively easily.
– We should never use the same combination of login and password to log in to various services and services. Following this simple rule, we can sleep a little calmer – even if from one of the services our data leaks, criminals will not be able to use them to log into our other accounts – explains Kamil Sadkowski from ESET.
