Hackers post hundreds of verified Zoom accounts on dark web


The user who posted the link to downloads of compromised Zoom account details said he 'worked really hard' on trying to obtain the accounts. — TNS

Details such as passwords, meeting IDs, host keys and names belonging to Zoom account users have been posted on the dark web, according to a report by Yahoo Finance.

The report stated that the discovery of the compromised Zoom accounts was made by Sixgill, a cybersecurity firm that monitors the dark web.

Sixgill told Yahoo Finance that a popular dark web forum user has posted a link that allows others to download details of approximately 352 compromised Zoom accounts.

“In comments on this post, several actors (other users) thanked him for the post, and one revealed intentions to troll the meetings," Sixgill said in a statement to the website.

Sixgill claimed that one Zoom account belonged to a major US healthcare provider while seven more were linked to educational institutions.

In a Twitter post on April 7, Sixgill shared a screenshot of the dark web forum post about compromised Zoom accounts.

The user had posted the link on April 1 and said he "worked really hard" on trying to obtain the accounts.

"If you are not fast enough to get this account on time, doesn't mean that it is not working," the user said, adding that he appreciates if others could 'like' the post.

The dark web is a network of Internet sites that are not accessible via usual search engines and requires special browsers to enter.

Sixgill in a separate posting said threat actors are drawn to dark web because it "allow users to browse, chat and conduct transactions anonymously", making it a hotbed of criminal activity.

Zoom in a response to Yahoo Finance said it will be looking into the matter.

Meanwhile, the Malaysia Computer Emergency Response Team (MyCert) has issued an advisory on the use of video conferencing applications like Zoom.

MyCert said that users have a responsibility to choose a "secure and safe VTC (video tele-conferencing) platform for web conferencing".

It shared some security guidelines such as asking users to only download VTC software from official websites or app stores, never share confidential information during a meeting, enable non-recordable videos/audio function and urge hosts to utilise the 'waiting room' feature to monitor participants joining the meeting.

LifestyleTech has reached out to CyberSecurity Malaysia on the use of Zoom.

Zoom has seen a surge in popularity among users who are practising social distancing during the Covid-19 pandemic as they turn to the platform to connect with family and friends on the digital space, with some even using it to livestream events like wedding ceremonies.

However, it also been plagued with security issues such as 'Zoombombing' where unwanted users spam meetings with inappropriate images and offensive slurs.

Chief executive officer Eric Yuan in a blog post on April 1 said the company will shift its engineering resources to focus on safety and privacy issues for 90 days, as part of some measures to improve user experience.

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
Zoom , Video Conferencing , Dark Web

Others Also Read