Connect with us

Security

Hackers are selling over 500,000 Zoom passwords, so switch to Discord already

Zoom the movie is better than this Zoom.

zoom app logo and background
Image: KnowTechie

Last week I suggested the best alternative to Zoom was to never use it, at least in the context of work. Regardless of the sarcasm, now there is more evidence that Zoom is a flawed platform and switching to Discord or Microsoft Teams doesn’t seem like a wholly terrible idea.

BleepingComputer is reporting that cybersecurity intelligence firm Cyble has discovered that Zoom accounts, including logins and passwords, are being posted on hacker forums. Some are being posted for free, some are being sold for fractions of a penny. To date, Cyble has tabulated there are over 500,000 available.

Cyble purchased a bulk of 530,000 Zoom credentials for less than $0.0020 per login. These logins were discovered and revealed by something called “credential stuffing attacks” in which malicious hackers use older login/password data dumps to basically guess Zoom logins. This is because people tend to use the same password and login for multiple sites, so if one was breached, chances are that login and password combo would be used in another program, like Zoom.

This breach didn’t just affect individuals, it also affected numerous companies and educational institutions. Users at colleges and banks had their emails and logins exposed. So, on a related note, your IT department would really like it if you changed your password.

So what can you do to prevent getting Zoom bombed by some racist piece of basement-dwelling trash?

Well, you can check sites like Have I Been Pwned or Am I Breached if you want to see if your email has been compromised. But these services only know what they know and they might not have a full list of breached email addresses. So considering the volume and considering that for some reason y’all won’t switch to the obvious communication platform (Discord), change your damn Zoom password.

Additionally, change how you use Zoom. Don’t just change your password, but require one when you set up a Zoom call. Use all the available security features, the best one being not to use the platform at all until it can manage to stay out of the news for a week.

What do you think? Surprised that Zoom account credentials are being sold left and right? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Security