Zoom is the new doom for the netizens, thanks to the spread of the COVID-19 virus all over the world.
House arrested corporate executives are hopelessly dependent on video conferencing applications on the internet which makes it an alluring opportunity for hackers to feast on confidential information of users alike.
As a result more than 500,000 Zoom accounts are now up for 'sale' on hacker forums hosted on the dark web. Some are sold for less than a US cent apiece while others are given away for free.
Cyber-intelligence Company Cybel said that it noticed free Zoom accounts being offered on hacker forums early this month as a way to accentuate the notorious hacking activity on the internet. The accounts were posted on text sharing sites where ne'er-do-wells offer lists of email addresses and password combinations.
The accounts that are currently either on sale or being given away on hacker forums is not the result of data breach or any other kind of hacking activity. Instead they have been procured from credential-stuffing attacks.
Here bad actors usually use bots to inflict sites with automated login attempts, leveraging credentials from past data breaches. Once the bot hits the right combination, its operators have access to the account. Henceforth it is either Zoom-bombing pranks or selling them off on forums.
When checked for the veracity of the stolen data by selecting random email addresses and contacting their owners, one person said that the posted password was an old one which means some of the hacked accounts were acquired from old events of data breaching.
In order to be safe from stuffing attacks it is important for zoom users not to recycle passwords.
"Hackers use very simple tools to re-use passwords that are stolen in separate data breaches – an attack known as 'password stuffing'. They are then able to quickly attempt to access all accounts with the same email address as the user name," says ESET security specialist Jake Moore.
ISOAH guarantees a hacking free work atmosphere with its expert anti hacking audits.
Read on more hacking stories: https://www.isoeh.com/exclusive-blog-details-Apple-paying-one-million-dollars-to-bug-bounty-hunters.html