Personal information of hundreds of Zoom accounts found on dark web

Sixgill states that these credentials can be used to accomplish a plethora of seedy activities, such as eavesdropping on corporate calls and identity theft, among others.

APRIL 8, 2020 22:11

Some of 208 monday.com employees participate in a Zoom video conference this week (photo credit: Courtesy) — Some of 208 monday.com employees participate in a Zoom video conference this week

(photo credit: Courtesy)

Cybersecurity firm Sixgill uncovered a catalog posted to the dark web, displaying information connected to 352 Zoom accounts - personal information such as email addresses, passwords, meeting IDs, host keys and host names, according to Mashable.

Sixgill states that these credentials can be used to accomplish a plethora of seedy activities, such as eavesdropping on corporate calls or identity theft, among others.

“In comments on this post, several actors thanked him for the post, and one revealed intentions to troll the meetings,” said Dov Lerner, a security researcher at Sixgill said. “There's a number of ways a malicious actor could use these stolen accounts.”

The accounts were each designated by account tier, where some who were hacked were paying for a premium Zoom service. Sixgill noted that while most of the accounts belonged to personal users, some belonged to educational institutions, business and a major US healthcare provider.

Zoom has been under fire recently for security concerns surrounding the app and company policies related to the release of the personal information of its users to third party entities.

Experts have claimed that the service can also be used by employers to keep tabs on their unknowing employees at home. There is also a virus that allows hackers to steal Windows passwords through the platform.

Zoom Video Communications Inc was slapped with a class action suit by one of its shareholders on Tuesday, accusing the video-conferencing app of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted.

Shareholder Michael Drieu claimed in a court filing that a string of recent media reports highlighting the privacy flaws in Zoom’s application have led to the company’s stock, which had rallied for several days in the beginning of the year, to plummet.

The videoconferencing app is also being sued by a user after it was disclosed that the application sends user information to Facebook, even if they don't have an account with the social media giant.

Zoom has enjoyed a massive surge in popularity as countries around the world go into lockdown over coronavirus, allowing businesses and friends to connect digitally from their homes. But upon downloading and opening the app, Zoom sends data to Facebook's Graph API, according to an analysis of the app's network activity by Motherboard.

The app then sends data to Facebook regarding the user, including notifying the company when the app is opened; details of what device the user is using to access the app, including city, time zone and model; which phone carrier they use; and a unique advertiser identifier, which can be used by companies to target advertising.

Will Strafach, founder of the privacy-focused app Guardian, confirmed Motherboard's findings that Zoom was sending data to Facebook.

"I think users can ultimately decide how they feel about Zoom and other apps sending beacons to Facebook, even if there is no direct evidence of sensitive data being shared in current versions," he told Motherboard in a Twitter direct message.

However, it appears that Zoom's privacy policy did not go far enough in advising users that this data transfer was taking place. Although the policy tells users that Zoom may collect the user's "Facebook profile information," it doesn't mention that it may also send data to Facebook, even for users who don't have a Facebook account.

Rather, it states: "Our third-party service providers, and advertising partners (e.g., Google Ads and Google Analytics) automatically collect some information about you when you use our Products," but doesn't mention Facebook specifically.

Reuters and Donna Rachel Edmunds contributed to this report.

Personal information of hundreds of Zoom accounts found on dark web

Sixgill states that these credentials can be used to accomplish a plethora of seedy activities, such as eavesdropping on corporate calls and identity theft, among others.

In a decisive moment like this, Israel has to reaffirm its strength by striking back

The US must support any Israeli counter-attack on Iran

Prime Minister Benjamin Netanyahu's realpolitik and Israel's survival - opinion

Israel is still uncertain about what lays ahead - opinion

Does the Israel-Jordan peace treaty stand firm amid tensions with Iran?