Security News > 2020 > April > Zoom Credentials Database Available on Dark Web
Researchers have found a database of Zoom video conferencing credentials ranging from just an email and password to also include meeting IDs, names and host keys.
The latter is possible because Zoom users are remarkably lax about protecting the details - and of course it could be just a small subset of a larger collection of credentials not made available to others.
These credentials available in the database range from personal accounts to corporate accounts for banks, consultancy companies, educational facilities, healthcare providers, and software vendors.
"What was interesting to me," Etay Maor, CSO at IntSights told SecurityWeek, "Was some of the discussions that followed the database being offered on the dark web. They were around how to automate attacks against Zoom. What's happening is the use of 'Zoom checkers'." A checker is a concept from bank card fraud, where a micro payment is made against stolen card credentials to check that the account is live and valid.
The attacker, with access to the CEO's Zoom account, could email the CFO and say, "I need to talk to you. Hop on Zoom will you." From there it's just the standard social engineering that criminals have perfected - possibly blurring the voice with added noise, making the video difficult to see, using Zoom by phone, etcetera.
News URL
Related news
- Companies mentioned on the dark web at higher risk for cyber attacks (source)
- Dutch police arrest admin of 'Bohemia/Cannabia' dark web market (source)
- Dutch cops reveal takedown of 'world's largest dark web market' (source)
- Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation (source)
- Finland seizes servers of 'Sipultie' dark web drugs market (source)
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)