Beware! 530k Zoom Accounts Are Being Sold On The Dark Web

Yesterday (Tuesday, 14th April), it was reported that approximately 530,000 Zoom accounts had been compromised. Cybersecurity firm Cyble had purchased the Zoom credentials from a hacker on the dark web.

In speaking to website BleepingComputer, Cyble bought these accounts for only US$0.20 (RM0.80) each, with the intention to warn the users of the potential breach.

As per Cyble, the info obtained from the purchased accounts include:

• Email address, password
• Meeting web address
• Zoom host keys (the six-digit pin assigned to the person hosting a Zoom meeting)

The firm first discovered that these accounts were up for sale for ill-natured activities like “Zoom-bombing”, which is a way for an uninvited guest to hack into a Zoom meeting. There has since been evidence of leaked recordings of meetings being posted on Youtube and Vimeo.

Cyble explained that the hacked accounts were probably obtained from details leaked  via data breaches known as “credential stuffing attacks”. These logins were then compiled into a list and sold on the dark web.

Here’s how you can protect your Zoom account from recent data breaches:

• Check Have I Been Pwned or Cyble’s AmIBreached website to see if your account has been compromised.
• Check your Zoom settings and change your personal meeting ID and the six-digit host key.
• Once you’ve updated everything, you might want to click the “Sign Me Out From All Devices” button to be safe.

Sources: Life Hacker, The Star.