Zoom video app logins were put on sale on dark web: report
- The logins were put up for sale at US$1.25 cents each, and were discovered and bought by cybersecurity intelligence company Cyble
- Zoom Video Communications has come under increasing pressure over vulnerabilities in its app’s software encryption
Hackers have put more than half a million login details for the teleconferencing app Zoom on the dark web, The Sunday Times newspaper reported.
The logins were put up for sale at 1 pence (US$1.25 cents) each, and were discovered and bought by cybersecurity intelligence company Cyble, the paper said. Cyble purchased the logins from a Russian-speaking person on the Telegram messaging service, which allows anonymous messaging.
Zoom’s security backlash points to bigger threats in coronavirus-led telecommuting wave
From Elon Musk’s SpaceX to New York City’s Department of Education, agencies around the world have begun to ban usage of Zoom’s app amid security concerns.
It is common for web services to be targeted by activity which involves bad actors testing large numbers of already compromised credentials from other platforms to see if they have been reused, a Zoom representative said in a statement.
Zoom also said it has hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a company that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials.
“We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts,” the Zoom representative said.