Security News > 2020 > April > Troves of Zoom Credentials Shared on Hacker Forums
Learn more about what Maor's investigations into underground forums have revealed about how credentials are being uncovered, shared and leveraged to attack remote workers, in this week's Threatpost podcast.
Now, a few weeks back, you had found that there were more than 2,000 compromised Zoom credentials that were missing being shared on underground forums.
If somebody happened to use the same email and password on a certain application that was hacked in the past on Zoom as well, then the attacker would get a response from the Zoom website saying this username and password are legit, and would reply back and so they collect all these positive replies and compile a new database of Zoom's specific username and passwords.
Etay: So in the case of Zoom, it applies to also other collaboration tools, but let's take the Zoom example, if an attacker has a username and password to a company's Zoom account, I can think about it in three different layers of aggression that he can approach this layer number one is more around what we've seen, like Zoom bombings, just go on to a meeting, and blast music or videos and annoy everybody, like a denial of service attack.
Now, one interesting development that you had mentioned in your research was several popular cybercrime forums had actually - the administrators had actually decided to ban any user from discussing or selling Zoom credentials and attacks.
News URL
https://threatpost.com/troves-of-zoom-credentials-shared-on-hacker-forums/155163/
Related news
- Hackers steal 15,000 cloud credentials from exposed Git config files (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)