Video conferencing application Zoom has reportedly sold over 500,000 accounts on hacker forums.
Every account was disposed for less than a penny each, and in some cases, given away for free.
The accounts include those of well-known companies such as Chase, Citibank, educational institutions, and more.
According to cybersecurity intelligence firm Cyble, free Zoom accounts were being posted on hacker forums around April 1 to gain an increased reputation in the hacker community.
These accounts are shared via text sharing sites where the threat actors are posting lists of email addresses and password combinations.
The credentials of the app users were acquired through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches.
The successful logins are then compiled into lists that are sold to other hackers.
The purchased accounts include a victim’s email address, password, personal meeting URL, and their HostKey.
Bleeping Computer later on confirmed that credentials posted on the forums were genuine.
Cyble reached out to purchase a large number of accounts in bulk after seeing a seller posting accounts on a hacker forum, so that they could be used to warn their customers of the potential breach.
The cybersecurity intelligence firm was able to purchase approximately 530,000 Zoom credentials for less than a penny each at 20 cents per account.(WION)