Hackers have reportedly put thousand of login details for the teleconferencing app Zoom on the dark web.
According to a report on the Sunday Times newspaper, the logins were put up for sale at 1 pence (1.25 cents) each and were discovered and bought by cybersecurity intelligence company Cyble. Cyble purchased the logins from a Russian-speaking person on the Telegram messaging service, which allows anonymous messaging.
Zoom Video Communications Inc. has seen global usage of its service surge during coronavirus shutdowns, but has come under increasing pressure over vulnerabilities in the app’s software encryption. The company has been also sued for failing to protect videoconferencing sessions from online trolls, who have been frequently causing disruptions.
A Zoom spokesperson said that web services are commonly targeted by activity which involves bad actors testing large numbers of already compromised credentials from other platforms to see if they’ve been re-used,
Zoom also said it’s hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a company that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials.
“We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts,” the spokesperson said.