Over 500,000 Zoom accounts being sold on dark web: Protect yourself now

News
By Paul Wagenseil
published

Stolen Zoom credentials include emails, passwords

How to change your Zoom background
(Image credit: Zoom; Fox)

More than 500,000 Zoom accounts are being sold for fractions of a penny each on the "dark web" and in hacker forums. Some are even being given away.

However, these accounts were not compromised as the result of a Zoom data breach. So says Bleeping Computer with input from Singapore-based information-security firm Cyble. 

Rather, the accounts were harvested from credential-stuffing attacks, and perhaps phishing attacks, over the past few years.

Cyble bought 530,000 account credentials for about 0.2 cents each. The accounts included email addresses, Zoom passwords, Zoom personal meetings URLs and Zoom host keys. Many of them were clearly associated with universities and corporations, including Chase and Citibank.

How to protect your Zoom account

If your Zoom account was created before the start of the coronavirus lockdown, it might be best to change your Zoom password to something strong and unique. Doing so will protect you from the type of credential-stuffing attacks that likely resulted in this Zoom credential stash.

Credential-stuffing attacks are when criminals try to access uncompromised online accounts with email addresses and passwords harvested from other data breaches. They work only because so many people reuse passwords for multiple accounts. You can avoid this trap by using one of the best password managers.

Cyble runs its own data-breach notification service called AmIBreached, into which you can plug in your own email addresses or usernames to see if any have been included in data breaches and credential sets. If so, then you have to sign up for a free account to see from which company your credentials were stolen.

It's not clear whether the Zoom credentials have been added to the AmIBreached dataset yet, but if not, they probably will be soon.

It's also likely that the Zoom dataset will be added to the free HaveIBeenPwned breach-notification service as well in the next few days. You don't have to create an account to use that service.

Paul Wagenseil
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.