Over 500,000 Zoom Accounts Sold on the Dark Web and Hacker Forums

by

Hundreds of thousands of Zoom accounts are being sold or given away for free on the dark web and hacker forums, according to a new report by BleepingComputer.

zoom logo
Zoom has surged in popularity in recent weeks as the number of people working from home has increased, but concerns about the videoconferencing app's security have also made the headlines. However, the availability of Zoom accounts on the dark web does not appear to be a direct consequence of the app's failings.

Rather, the sale of the login details are said to be the result of "credential stuffing attacks," where hackers attempt to log in to Zoom using accounts leaked in older data breaches.

Successful logins are then collated into lists and sold on or offered for free to other hackers, with the intention of using them in zoom-bombing pranks or for malicious reasons.

The accounts are reportedly being shared via text sharing sites as lists of email addresses and password combinations. The accounts can include a victim's email address, password, personal meeting URL, and their HostKey.

500k zoom accounts

Zoom accounts sold on hacker forums

Cybersecurity firm Cyble, which was able to purchase 530,000 Zoom credentials for less than a penny each at $0.0020 per account, said the Zoom accounts began appearing in the hacker community at the beginning of April, with hackers offering the accounts to build reputation.

The finding underscores the importance of using unique passwords for each website where an account is registered. Concerned users are encouraged to check if their email address has been leaked in data breaches using the Have I Been Pwned website or Cyble's AmIBreached data breach notification service, and change their Zoom password if used elsewhere.

Tags: Security, Zoom

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article81 comments
iPhone 17 Plus Feature Purple

iPhone 17 Rumored to Feature Mechanical Aperture

Tuesday July 23, 2024 9:32 am PDT by
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
Read Full Article60 comments

Top Rated Comments

ipedro Avatar
ipedro
56 months ago
Apple could end this right now and assume the mantle of king of quarantine videoconferencing.

FaceTime has already become a proprietary eponym in the way that you make a xerox of a document or ask for a Kleenex after you sneeze. FaceTime has become even more popular during this time but people have to seek out alternatives when just one member of the call you want to place is an Android user.

1. Offer an Android FaceTime client without all the bells and whistles. Allow Android users to join in on a call. Limit it to just cameras. No Animoji or any of the fun stuff. It’ll make Android users want to get an iPhone.

2. Allow FaceTime to broadcast online with a link that anybody with the link can join. Allow the leader to control who, if anybody, can speak.

3. Optionally, Apple can also go after the work from home, corporate market by adding desktop sharing and whiteboard features.

Apple is missing a huge opportunity to make FaceTime mainstream.
Score: 33 Votes (Like | Disagree)
fermat-au Avatar
fermat-au
56 months ago
I think there may be a number of companies who in a few weeks will be regretting their decision to go with Zoom
Score: 17 Votes (Like | Disagree)
szw-mapple fan Avatar
szw-mapple fan
56 months ago

Zoom is the pinnacle of garbage (Kinda like Yahoo was two years ago with their security breaches). Rather others disagree with me, there’s a reason why companies don’t trust ‘Zoom’ When it comes Security risks companies/agency information being exposed.
Zoom didn’t have a data breach, unlike Yahoo. This looks like it’s just hackers reselling logins and passwords from previous leaks on other platforms. Some of them happen to work on zoom because people reuse their passwords.


But so do people who have used the iOS/macOS generated strong password for a Zoom account still need to change their password, etc?
As long as you haven’t reused it anywhere else, there is little chance that the generated password is leaked. Of course, it wouldn’t hurt to be on the safe side either.
Score: 8 Votes (Like | Disagree)
TiggrToo Avatar
TiggrToo
56 months ago

I don't get it, WebEx is the same price and more secured.
We migrated from Webex after spending a fortune on outfitting our conference rooms with cameras, Cisco proximity boxes etc. and then spent almost every day afterwards dealing with problems as a result. The firewall configurations alone for Webex were a bloody nightmare.

For all it's perceived issues, Zoom has been relatively stable for us and significantly cheaper.


Google gives you the GSuite for free, all you have to do is give them all your information and all the information about your contacts.

Zoom records your meeting and stores it on Chinese servers (even "private" (ROFL) meetings. All they offer is a built in grid view that looks "pretty".

Facetime could take off if they removed the Apple ID function, but without that they can't really get your info.

These apps are all about harvesting your data. They are not about anything but that. I don't have a computer for Zoom, not personally or professionally. It's like chewing tobacco...I don't have a hole dirty enough to put that in.
Citations please.
Score: 7 Votes (Like | Disagree)
I7guy Avatar
I7guy
56 months ago

WebEx and GoToMeeting.
IMO, neither of those are better than Zoom. YMMV.


I don't get it, WebEx is the same price and more secured.
What does more secured mean? Does it mean, if you give your user and password to someone else, there is a webex 2fa?
Score: 6 Votes (Like | Disagree)
maflynn Avatar
maflynn
56 months ago

But so do people who have used the iOS/macOS generated strong password for a Zoom account still need to change their password, etc?
Why not? I mean, even if you have a strong password, change it.
Score: 6 Votes (Like | Disagree)
Read All Comments