Over 5 lakh Zoom user accounts being sold on hacker forums and dark web, some even for free

Video conferencing app Zoom has been in the spotlight for the past couple of months after it reported a significant jump in its active user base owing to work from home policies, and also the number of security concerns on its platforms. To make things worse for the company, over 5 lakh Zoom accounts credentials and other details are reportedly being sold on the dark web.

These Zoom accounts are being sold for dirt-cheap prices, and in some cases even given away for free. Cybersecurity intelligence firm Cyble found several Zoom accounts being sold on hacker forums to gain an increased reputation in the hacker community.

The hacked accounts are being shared via text sharing sites where the threat actors are posting lists of email addresses and password combinations, reported BleepingComputer. The website further reported that it contacted some of the 290 Zoom accounts that were listed for free and received confirmation that the credentials were correct.

One of the exposed users told the website that the listed password on the forum was an old one, indicating that some of the leaked credentials are likely from older credential stuffing attacks. 

For the uninitiated, a credential stuffing attack is when the hacker attempts to log in using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.

Cyble purchased over 530,000 Zoom accounts, each costing $0.0020 (Rs 0.15). These purchased accounts contained the user’s email address, password, personal meeting URL, and their HostKey. The leaked credentials also belong to accounts from companies like Citibank, Chase, and educational institutions. Cyble bought these accounts only to inform and warn their customers of the potential breach.

After similar security concerns, many companies like SpaceX and Google have banned their employees from using the Zoom video conferencing app.

Zoom recently announced that it will freeze all its features-related updates and primarily focus on releasing security updates over the next three months.

To avoid getting your account details leaked, we advise our readers to frequently change their Zoom account passwords until the reported issue has been acknowledged and resolved.