Security News > 2020 > April > Zoom Credentials Database Available on Dark Web
Researchers have found a database of Zoom video conferencing credentials ranging from just an email and password to also include meeting IDs, names and host keys.
The latter is possible because Zoom users are remarkably lax about protecting the details - and of course it could be just a small subset of a larger collection of credentials not made available to others.
These credentials available in the database range from personal accounts to corporate accounts for banks, consultancy companies, educational facilities, healthcare providers, and software vendors.
"What was interesting to me," Etay Maor, CSO at IntSights told SecurityWeek, "Was some of the discussions that followed the database being offered on the dark web. They were around how to automate attacks against Zoom. What's happening is the use of 'Zoom checkers'." A checker is a concept from bank card fraud, where a micro payment is made against stolen card credentials to check that the account is live and valid.
The attacker, with access to the CEO's Zoom account, could email the CFO and say, "I need to talk to you. Hop on Zoom will you." From there it's just the standard social engineering that criminals have perfected - possibly blurring the voice with added noise, making the video difficult to see, using Zoom by phone, etcetera.
News URL
Related news
- Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web (source)
- SolarWinds fixes hardcoded credentials flaw in Web Help Desk (source)
- Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk (source)
- SolarWinds left critical hardcoded credentials in its Web Help Desk product (source)
- FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals (source)
- Tor insists its network is safe after German cops convict CSAM dark-web admin (source)
- Companies mentioned on the dark web at higher risk for cyber attacks (source)