Cyble Able to Purchase Zoom Credentials on Dark Web

June 24, 2020

Volume X, Number 176

June 23, 2020

Subscribe to Latest Legal News and Analysis

June 22, 2020

Subscribe to Latest Legal News and Analysis

Credential Stuffing During COVID-19: Cybersecurity Firm Purchased over 500,000 Zoom Account Credentials on the Dark Web and Hacker Forums

In what could only be adding fuel to the fire that is the growing concern over reported that over 500,000 Zoom accounts were sold on the dark web and hacker forums earlier in April. The accounts were purchased by cybersecurity firm Cyble after it noticed free Zoom accounts were being posted on hacker forums.

Cyble was able to purchase approximately 530,000 Zoom credentials, which included a user’s email address, password, personal meeting URL, and their HostKey (a six-digit number used to host meetings on Zoom). Victims included well-known companies such as Chase, Citibank and educational institutions including the University of Colorado and the University of Florida. According to Cyble, credentials belonging to its clients in the bulk purchase were also confirmed to be correct.

While Cyble was able to purchase these accounts, there is no indication that Zoom has been compromised for the time being. It appears that these accounts were gained through credential stuffing attacks. Credential stuffing is the automated injection of usernames/password pairs to gain access to user accounts, typically following an older data breach. The credentials sold online in this case were not obtained from any Zoom breach. We’ve previously blogged about credential stuffing attacks, which are on the rise in Australia and will only increase during the COVID-19 pandemic.

So, what’s the going price for Zoom accounts? Less than a penny. And in some cases, free! Zoom acted swiftly to investigate the attack, and has locked all compromised accounts. It has also recommended users to change their passwords.

In our experience, it is common for web service providers (and their users) to be targets of cyberattacks such as these. It is important for organisations to maintain their security processes, including two-factor authentication, in these trying times. While the credentials may be dirt cheap, the consequences of a successful credential stuffing attack are going to be very expensive.

Copyright 2020 K & L GatesNational Law Review, Volume X, Number 173

TRENDING LEGAL ANALYSIS


About this

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm
Partner

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

+61.3.9640.4261
www.klgates.com
Senior Attorney

Ms. Aggromito is a senior lawyer in the lawyer in the Melbourne commercial technology and sourcing team focusing on IT, privacy and data protection.

+61.3.9205.2027
www.klgates.com/
Rebecca Gill Commercial Technology and Sourcing Lawyer Melbourne K&L Gates
Rebecca

Ms. Gill is a lawyer in our Corporate and Transactional team at the Melbourne office.

Primary Practice

Commercial Technology and Sourcing

Education

  • J.D., Melbourne School of Law University of Melbourne, 2018
  • B.A., University of Melbourne, 2014
  • Certificate I in Vocational Preparation, Australian Employment and Training Solutions, 2014
61.3.9205.2126
www.klgates.com