Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,428
30,614


Hundreds of thousands of Zoom accounts are being sold or given away for free on the dark web and hacker forums, according to a new report by BleepingComputer.

zoom_logo.jpg

Zoom has surged in popularity in recent weeks as the number of people working from home has increased, but concerns about the videoconferencing app's security have also made the headlines. However, the availability of Zoom accounts on the dark web does not appear to be a direct consequence of the app's failings.

Rather, the sale of the login details are said to be the result of "credential stuffing attacks," where hackers attempt to log in to Zoom using accounts leaked in older data breaches.

Successful logins are then collated into lists and sold on or offered for free to other hackers, with the intention of using them in zoom-bombing pranks or for malicious reasons.

The accounts are reportedly being shared via text sharing sites as lists of email addresses and password combinations. The accounts can include a victim's email address, password, personal meeting URL, and their HostKey.

500k-zoom-accounts.jpg
Zoom accounts sold on hacker forums

Cybersecurity firm Cyble, which was able to purchase 530,000 Zoom credentials for less than a penny each at $0.0020 per account, said the Zoom accounts began appearing in the hacker community at the beginning of April, with hackers offering the accounts to build reputation.

The finding underscores the importance of using unique passwords for each website where an account is registered. Concerned users are encouraged to check if their email address has been leaked in data breaches using the Have I Been Pwned website or Cyble's AmIBreached data breach notification service, and change their Zoom password if used elsewhere.

Article Link: Over 500,000 Zoom Accounts Sold on the Dark Web and Hacker Forums
 
Last edited:
  • Like
Reactions: eghrtjykjth

Ted13

macrumors 6502a
Dec 29, 2003
669
353
NYC
The finding underscores the importance of using unique passwords for each website where an account is registered.
But so do people who have used the iOS/macOS generated strong password for a Zoom account still need to change their password, etc?
 

44267547

Cancelled
Jul 12, 2016
37,642
42,491
I think there may be a number of companies who in a few weeks will be regretting their decision to go with Zoom

Zoom is the pinnacle of garbage (Kinda like Yahoo was two years ago with their security breaches). Rather others disagree with me, there’s a reason why companies don’t trust ‘Zoom’ When it comes Security risks companies/agency information being exposed.
 

szw-mapple fan

macrumors 68040
Jul 28, 2012
3,475
4,336
Zoom is the pinnacle of garbage (Kinda like Yahoo was two years ago with their security breaches). Rather others disagree with me, there’s a reason why companies don’t trust ‘Zoom’ When it comes Security risks companies/agency information being exposed.
Zoom didn’t have a data breach, unlike Yahoo. This looks like it’s just hackers reselling logins and passwords from previous leaks on other platforms. Some of them happen to work on zoom because people reuse their passwords.
[automerge]1586865011[/automerge]
But so do people who have used the iOS/macOS generated strong password for a Zoom account still need to change their password, etc?

As long as you haven’t reused it anywhere else, there is little chance that the generated password is leaked. Of course, it wouldn’t hurt to be on the safe side either.
 

ipedro

macrumors 603
Nov 30, 2004
6,220
8,455
Toronto, ON
Apple could end this right now and assume the mantle of king of quarantine videoconferencing.

FaceTime has already become a proprietary eponym in the way that you make a xerox of a document or ask for a Kleenex after you sneeze. FaceTime has become even more popular during this time but people have to seek out alternatives when just one member of the call you want to place is an Android user.

1. Offer an Android FaceTime client without all the bells and whistles. Allow Android users to join in on a call. Limit it to just cameras. No Animoji or any of the fun stuff. It’ll make Android users want to get an iPhone.

2. Allow FaceTime to broadcast online with a link that anybody with the link can join. Allow the leader to control who, if anybody, can speak.

3. Optionally, Apple can also go after the work from home, corporate market by adding desktop sharing and whiteboard features.

Apple is missing a huge opportunity to make FaceTime mainstream.
 
Last edited:

I7guy

macrumors Nehalem
Nov 30, 2013
34,172
23,871
Gotta be in it to win it
Zoom is the pinnacle of garbage (Kinda like Yahoo was two years ago with their security breaches). Rather others disagree with me, there’s a reason why companies don’t trust ‘Zoom’ When it comes Security risks companies/agency information being exposed.
Zoom is the best balance of convenience and security, imo. This reminds me of the selling of windows activation keys, except that I don’t know if zoom can do anything about it.
 

I7guy

macrumors Nehalem
Nov 30, 2013
34,172
23,871
Gotta be in it to win it
WebEx and GoToMeeting.
IMO, neither of those are better than Zoom. YMMV.
[automerge]1586868012[/automerge]
I don't get it, WebEx is the same price and more secured.
What does more secured mean? Does it mean, if you give your user and password to someone else, there is a webex 2fa?
 

dubar

macrumors newbie
May 8, 2019
12
99
Google gives you the GSuite for free, all you have to do is give them all your information and all the information about your contacts.

Zoom records your meeting and stores it on Chinese servers (even "private" (ROFL) meetings. All they offer is a built in grid view that looks "pretty".

Facetime could take off if they removed the Apple ID function, but without that they can't really get your info.

These apps are all about harvesting your data. They are not about anything but that. I don't have a computer for Zoom, not personally or professionally. It's like chewing tobacco...I don't have a hole dirty enough to put that in.
 

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
I don't get it, WebEx is the same price and more secured.

We migrated from Webex after spending a fortune on outfitting our conference rooms with cameras, Cisco proximity boxes etc. and then spent almost every day afterwards dealing with problems as a result. The firewall configurations alone for Webex were a bloody nightmare.

For all it's perceived issues, Zoom has been relatively stable for us and significantly cheaper.
[automerge]1586869632[/automerge]
Google gives you the GSuite for free, all you have to do is give them all your information and all the information about your contacts.

Zoom records your meeting and stores it on Chinese servers (even "private" (ROFL) meetings. All they offer is a built in grid view that looks "pretty".

Facetime could take off if they removed the Apple ID function, but without that they can't really get your info.

These apps are all about harvesting your data. They are not about anything but that. I don't have a computer for Zoom, not personally or professionally. It's like chewing tobacco...I don't have a hole dirty enough to put that in.

Citations please.
 

Flytek

macrumors newbie
Sep 23, 2016
1
5
Why not? I mean, even if you have a strong password, change it.
If you don't reuse passwords no need to in this case.
[automerge]1586870238[/automerge]
I think there may be a number of companies who in a few weeks will be regretting their decision to go with Zoom
There may be plenty of other reasons not to use Zoom, this ain't it.
 

Greenmeenie

macrumors 68020
Jan 14, 2013
2,059
3,177
Why use Zoom with all it’s security flaws when you can just FaceTime on your iphones? True, all the people would need to be on an iPhone...but my whole family is and my friends are. So for me, it’s an easy choice.
 

tigres

macrumors 601
Aug 31, 2007
4,213
1,326
Land of the Free-Waiting for Term Limits
We migrated from Webex after spending a fortune on outfitting our conference rooms with cameras, Cisco proximity boxes etc. and then spent almost every day afterwards dealing with problems as a result. The firewall configurations alone for Webex were a bloody nightmare.

For all it's perceived issues, Zoom has been relatively stable for us and significantly cheaper.
[automerge]1586869632[/automerge]


Citations please.
My understanding is that some decent sized organizations switching from Cisco to Zoom and Zoom Rooms alone was a savings of 1.5MM / annual. Not small change when it comes to managing their phones as well as their meeting rooms w/ Cisco. Additionally, I can speak to the experience as I have been on meetings for an average of 6 hours/day for the last 4 years. WebEx sucks vs Zoom with Resource hogging and bandwidth requirements. Zoom is like butter compared to WebEx. Now, security is another matter which I am know many enterprise companies have put passcode and other measures into place.
 
  • Like
Reactions: etios

I7guy

macrumors Nehalem
Nov 30, 2013
34,172
23,871
Gotta be in it to win it
Why use Zoom with all it’s security flaws when you can just FaceTime on your iphones? True, all the people would need to be on an iPhone...but my whole family is and my friends are. So for me, it’s an easy choice.
Can you enumerate the Zoom security flaws?

Here are some reasons to use zoom over facetime.
1. support for hundreds of participants
2. whiteboarding
3. full participant controls
4. break-out rooms
5. plus others
 
  • Like
Reactions: TiggrToo and etios
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.