Like Imo, Google meet, Hangouts, Google Duo, etc Zoom is also one of the best known video conferencing applications available on the internet today. Though it was in use, yet it didn’t gain much prominence until the global lockdown came into momentum. Due to this worldwide lockdown, people across countries are working from their respective homes to compensate for the lost hours in their respective workplaces. Day to day office works are still in process, and as offices and other workplaces are kept closed due to the corona episode, applications such as Zoom are playing a crucial role in carrying on the day to day workplace tasks assigned to the employees by their respective employers via video and audio conferencing. People across the globe are keeping themselves connected via these applications for which the app has experienced a hike in its usage and is raising a vote of thanks towards the ones who have been using it.
But, due to this rise in the number of downloads and usages, the application is facing numerous security issues. Some major tech companies like Google and SpaceX have banned usage of the application. Standard Chartered employees are too staying away from the application. A new report from the Bleeping Computer, has contended that data of around 5,00,000 Zoom users are on sale on the dark web. The accounts that are on sale are being sold at prices even lower than Re 1. The report claims that the listing was spotted by a cybersecurity intelligence firm Cyble around April 1. The intelligence firm went along with the purchase of around 5,30,000 accounts at a price of just $0.0020 per account which roughly translates to 15 paisa for each account. This was done to warn the users about the infringement in security. It has come to be known that these accounts were hacked via credential stuffing attacks. The hackers use the leaked data to access various accounts. The accounts that are successfully logged into are then assembled and sold to other customers. According to the report, the accounts that were found vulnerable included some well known banks and educational organisations. 290 accounts were linked to popular institutes like the University of Vermont, Dartmouth, Lafayette, University of Florida, University of Colorado. Few of these leaked accounts also belonged to big companies like Citibank and Chase. Zoom responded to the report by saying that they have already hired intelligence firms to detect password dumps that are listed by hackers. The company claims they are doing this in order to reset the passwords of the users affected by the hack.
To counter the instances of hacking within the application, Zoom introduced a few security features. The app has now introduced a ‘Waiting Room’ for new participants joining a chat. The company has also introduced a dual password setting. The two password settings have been enabled by default to prevent unwanted participants from joining a meeting. The new features will be enabled for all Basic users and Pro users with a single license.