• About
  • Advertise
  • Careers
  • Contact
Monday, February 6, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Thousands Zoom credentials available on a Dark Web forum

by Cyber360 News
April 12, 2020
in Security
0
Thousands Zoom credentials available on a Dark Web forum
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Security researchers discovered an archive available on a dark web forum that includes thousands of compromised Zoom credentials.

Researchers discovered a database available on an underground forum in the dark web that contained more than 2,300 compromised Zoom credentials.

Some of the records also included meeting IDs, names and host keys.

The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software companies.

“In a recent investigation of deep and dark web forums, IntSights researchers came across a cybercriminal who shared a database containing more than 2300 usernames and passwords to Zoom accounts.” reads the report published by security firm IntSights. “An analysis of the database revealed that aside from personal accounts, there were many corporate accounts belonging to banks, consultancy companies, educational facilities, healthcare providers, and software vendors, amongst others. While some of the accounts “only” included an email and password, others included meeting IDs, names and host keys.”

Experts noticed that several posts and threads discussed how to targeting Zoom’s conferencing services. Most debated uses are Zoom checkers and credential stuffing. Checking services are used in credit card fraud ­to check whether a stolen credit card is “fresh” by making a micro-donation.

Credential stuffing attacks are a form of brute force attack that leverages stolen login credentials usually obtained through phishing attacks and data breaches. The availability of Zoom accounts could allow attackers to harvest additional data regarding the account, one of the participants in a discussion suggested using a Zoom-specific configuration of OpenBullet.

OpenBullet is a web testing suite that can be used to scrape and parse data, to conduct automated pen testing and more.

At the time it is still unclear the source of the Zoom credentials, but experts believe it was not stolen from the company Zoom.

Compromised credentials could be also used to launch denial-of-service attacks, they could join meetings and interfere with the meeting by blasting music or videos, a practice that is also known as “Zoom bombing.”

A few days ago, security firm Sixgill reported the availability of a collection of 352 compromised Zoom accounts on dark web forum. 

Video conferencing platforms are under attack due to the spike in the use after the Coronavirus outbreak.

The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. The phishing messages urge victims to install the “update,” but it is a malware designed credentials for Cisco’s Webex web conferencing platform.

Threat actors use this bait because attempt to take advantage of Coronavirus pandemic that forced most of the companies to adopt the smart-working.

“With much of the global workforce confined to work from home using collaboration and conferencing tools to keep businesses running, threat actors are increasingly looking for ways to take advantage of the situation and target people, processes and technologies.” concludes the report. “Implementing a cyber threat intelligence strategy which is based on the collection, analysis and dissemination of reliable, timely and actionable intelligence is a core component for any cyber security program that aims to be proactive rather than reactive and defend forward.”

Pierluigi Paganini

(SecurityAffairs – Zoom, Dark web)

[adrotate banner=”13″]



Share On


Cyber360 News

Cyber360 News

Next Post
Apple and Google join forces to develop Contact Tracing app against Coronavirus

Apple and Google join forces to develop Contact Tracing app against Coronavirus

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In