Nefarious Parties Peddled Half a Million Zoom Profiles on Darknet

Recent data shows parties selling a massive number of Zoom accounts in the far reaches of the internet.

Recent data shows parties selling a massive number of Zoom accounts in the far reaches of the internet. 

In darknet and hacking forums, perpetrators are pawning off 500,000 user accounts from the popular internet video conferencing site, BleepingComputer said in an April 13 report.

Hackers utilized former leaked information

The infiltrators used multiple methods to gain access to the plethora of Zoom accounts.

“These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches,” the report said of Zoom users’ information. “The successful logins are then compiled into lists that are sold to other hackers.”

Nefarious parties sometimes give the accounts away

Prices varied for the sale of said accounts, although some were available for free, which muddles the rationale behind such activities. The report noted hackers give away this data for other parties to harness for malevolent acts, as well as “zoom-bombing pranks.”

Since April 1, 2020, nefarious parties also started posting such accounts without charge on forums to achieve status or notoriety in the hacking world, cybersecurity outfit Cyble told BleepingComputer.

Some parties also sold large batches of accounts all at once.

As the hacking continues, companies may begin to weigh blockchain’s security benefits as potential solutions to the issues at hand.