Given its recent surge in popularity, it's unsurprising that Zoom is operating under increased threat of attack. Now, that threat has manifested itself in the form of more than 500,000 compromised accounts.
According to Bleeping Computer, more than half a million Zoom accounts are being sold online for less than a penny each. The database in question contains email addresses, passwords, personal meeting URLs and hostkeys.
Researchers from Cyble confirmed the authenticity of some of the credentials in the database, suggesting that most, if not all, are genuine. Portions of the compromised information belongs to well-known companies such as Chase and Citibank, as well as some educational institutions.
Although the cause of the incident remains unclear, evidence appears to suggest Zoom itself was not hacked or breached. Whoever created the database cross-checked login credentials obtained in previous hacks with Zoom and aggregated the list of successful logins - a practice known as “credential stuffing”.
Zoom is a video conferencing and communications tool that has become extremely popular in recent weeks, in line with the spike in remote working brought about by coronavirus quarantine measures.
Hackers have gone out of their way to take advantage of remote workers, creating fake Zoom apps and phishing for credentials using false information about the virus as a lure.