At this time of despair, video calling apps like Zoom has become people’s best friend. And if you’re either a student or an employee working from home, it has helped you get in touch.
But now, it looks like people’s privacy in Zoom is in danger. More than 500,000 Zoom accounts are now being bought and sold by hackers on the dark web. And these accounts don’t even cost a dollar.
Zoom Accounts Goes For Sale on the Dark Web
If you’re someone who’s always on the internet, I’m sure you must’ve heard of the dark web. It is a place that is not accessible to everyone. It uses specific software, authorization, or configuration for surfing the dark web.
The dark web is also associated with lots of illegal activities, including pornography and human trafficking. And one another illicit activity that has been going on in the dark web is breaching people’s privacy.
So, when Cyble saw hackers posting public Zoom accounts on hacker forums, they went ahead and purchased a large number in bulk.
Approximately, Cyble bought 530,000 Zoom credentials. And each credential cost them less than a penny. These public Zoom credentials were at $0.0020 per account, and a lot of them were even for free.
Cyble Buys More than 500k Zoom Credentials
As soon as Cyble, a cybersecurity intelligence firm witnessed hackers posting free Zoom accounts on hacker forums; they reached out to buy them. The accounts were shared via text sharing sites. And it was done so to gain an increased reputation in the hacker community and also for credential stuffing attacks.
These threat actors posted lists of a combination of email addresses and passwords. And most of the accounts belonged to colleges and universities across the United States. Accounts from universities like Colorado, Florida, and Vermont were released for free.
And the ones purchased by Cyble had users’ email id, password, Hostkey, and personal meeting URL. The firm even found several of its own clients’ accounts among the 530k credentials.
Cyble purchased the accounts so it could reach out and warn its customers of the potential breach. And it was able to confirm that they were, indeed, valid accounts.