With the current lockdown safety measures most people are
observing around the world, teleconferencing platforms are now very popular.
People are looking for ways to meet online while observing the stay-at-home
orders given by their government.
Zoom is one of the video conferencing platforms that have benefited immensely from this new way of life. But it seems the platform is also the main target of cyber attackers who are also taking advantage of the situation, as new people keep registering on the platform daily.
Some individuals, schools, businesses, and even government
organizations have registered with the platform. But most of these new
registrations were secured with old passwords. That is the loophole the hackers
used to steal more than 500,000 user accounts from the video conferencing
Recently, a cybersecurity firm Cyble found out that a hacker was offering hacked Zoom accounts at ridiculous prices and
even free in some instances.
Cyble revealed it bought 530,000 of those accounts from the
hacking forum for almost free. Among the details on the purchased accounts are
credentials of several of zoom’s clients. The details also included Zoom host
keys and personal meeting URLs. Cyble has checked the credentials with the
company and verified that they were truly stolen from Zoom.
Although the incident affected hundreds of thousands of Zoom accounts, it doesn’t mean that the video conferencing platform was hacked. The hackers stole the accounts using a method known as “credential stuffing”, where hackers make use of passwords stolen from previously compromised data.
Another security research team, Bleeping Computer , reached out to some of the
owners of the compromised accounts. Most of them said the passwords were
correct, but one account holder said the listed password was an old password of
his that has been changed for a long time.
From the information gathered from Bleeping Computer’s
research, almost all the passwords offered on the dark web are old passwords.
Although they may have been new passwords on Zoom, most of them have been used
somewhere by the account holders.
The re-use of passwords has always been a major problem as
long as hacking incidents are concerned. Several users would rather use their
old passwords they can easily remember rather than risking the use of a
completely new password they can forget.
Some of the users who are registered in multiple platforms
use one password in all those platforms, making it easier for hackers to seize
The problem here is the criminal hackers have filed and stored all those old stand-by passwords. When the need arises, they actively use them to infiltrate old and new accounts using brute force attacks.
Billions of accounts with passwords, email addresses, and
usernames have been exposed over the past several years. As a result, creating
a new account on Zoom or other services using an old account can get their new
account hacked, security researchers advised.
Hackers are always there to pounce on any loophole to
launch their attacks. It’s not a matter of, if a platform will be attacked, but
when it will be attacked. So, users also have a big role to play to ensure
their accounts are not exposed and stolen.
Bleeping Computers has advised users on how to stay safe and free from brute force attacks. According to the research team, users should use strong passwords that are even difficult for them to remember. The primary way to keep passwords safe is to set up an extremely difficult one and never to share them with anyone else.
And even if they can’t remember the passwords, if they have
a password management tool installed, they won’t have to remember the password.
The app would do that job for them.
shop cvv dumps buy cvv fullz online