In yet another instance that raises concerns around the security of video conferencing platform Zoom, more than 500,000 Zoom accounts have been found on sale on the dark web and hacker forums, according to a report by Bleeping Computer. Credentials including people’s email address, password, personal meeting URL, and HostKey (a 6-digit PIN tied to a person’s Zoom account), can reportedly be purchased for less than a rupee, and in some cases, even for free. Zoom told Bleeping Computer that it is “common for web services that serve consumers to be targeted by this type of activity”, and that these kinds of attacks “generally does not affect our large enterprise customers that use their own single sign-on systems”. Some accounts belonged to companies such as Citibank and Chase: Some of these compromised Zoom accounts belong to people from companies such as Citibank, Chase, and 290 accounts were related to educational institutions including University of Vermont, Dartmouth College, Lafayette College, University of Florida, and University of Colorado, among others. This is interesting since last week, Singapore directed its educational institutions to not use Zoom for remote classes, and New York City also banned its use for remote teaching due to security concerns. Accounts could be bought for Rs 0.15: Cybersecurity intelligence firm Cyble had first pointed out these Zoom accounts around April 1, and bought 530,000 Zoom credentials at $0.0020 (around Rs. 0.15) per account, the report continues. The company confirmed to Bleeping Computer that Zoom accounts found on this database which belong to its clients,…
