While the lockdown continues, many schools and offices are still taking place online. Most of these places are using Zoom to communicate with their students or employees. While Zoom may have earned praise for easy accessibility and flow, the security of Zoom is not very appreciated. It has been hacked before and some of the hacked accounts are being sold en masse on the dark web.
As per Bleeping Computers, which interviewed Cyble, around 500,000 hacked Zoom credentials are on the verge of being sold on the dark web. Some of these may be accounts that were hacked previously or that are fake. Some, however, might be genuine.
The experts of Cyble noticed a sudden rise of Zoom accounts sale on 1st April. They purchased around 530,000 of them at a price of 0.002 dollars per account. The Zoom credentials found in the hacked account were the password, email address, meeting URL and the six-digit Host Key.
Zoom has had privacy blunders before and this time, the accounts seem to not be hacked. Rather, the hackers have used the technology called credential stuffing. Here, hackers use the data from older databases of already stolen user accounts and test them on Zoom.
The best thing to protect you in these cases is not to use old passwords. Password Management Tools can help you as well.