Through the purchased accounts, Cyble was able to verify that some of the accounts are valid, based on its customer information. They added that the compromised data included details such as email addresses, passwords, meeting web addresses, and Zoom host keys. According to the report, the firm first discovered the sale of these accounts for the purpose of “Zoom-bombing”, which allowed for an uninvited guest to hack into a Zoom meeting by utilising the compromised meeting web addresses and host keys. Zoom recently made headlines due to its poor security, which resulted in thousands of leaked recordings of meetings uploaded online on Youtube and Vimeo. Cyble explained that these accounts were likely obtained by using details leaked via data breaches known as “credential stuffing attacks”. Successfully compromised accounts were compiled into a list and then offered to other hackers via dark web or other means. You can check if your account is at risk by checking via Have I Been Pwned or Cyble’s AmIBreached website. Regardless, our readers are advised to thread carefully online and constantly update their security to avoid potential data breaches. (Source: BleepingComputer | Header image: Reuters)
