It was found that `` Zoom '' accounts for more than 500,000 people were bought and sold on the black market, and the price may be distributed free for less than 1 yen per account
Over 500,000 accounts of the online conferencing software Zoom,
Over 500,000 Zoom accounts sold on hacker forums, the dark web
This incident was reported by cyber security company Cyble . On April 1, 2020, Cyble discovers that his hacker community has a free Zoom account. According to Cyble, this kind of free distribution is done to increase fame within the community. Below is a post from the hacker community claiming free distribution of Zoom accounts.
The ID and password of the Zoom account that is being bought and sold is acquired by the
The Zoom account distributed for free also had accounts related to famous American universities such as the University of Vermont, University of Colorado, Dartmouth University, Lafayette University, University of Florida.
Bleeping Computer, who reported this issue, contacted the email addresses of the free-delivered accounts and confirmed that some accounts were real. However, one user replied that 'I have changed my password', and it seems that some of the accounts that are subject to trading are unavailable.
For the sake of research, Cyble actually purchased 530,000 Zoom accounts on all hacker forums. The purchased account contained information such as email address, password, meeting URL, and host key . The list of Zoom accounts I purchased is like this. A part of it is hidden to protect personal information, but you can see that the email address, meeting URL, and host key are listed.
Based on the purchased account information, Cyble is able to check whether or not the Zoom account has been leaked by its own data leak notification / email address leak confirmation service '
To actually use AmBreached, select one of 'Email', 'Domain', 'Password', 'Dark Web Search' search). Enter the content you want to search in the search field. Click the magnifying glass icon on the right to see the spill status.
Also, the same type of personal information leak confirmation service ' Have I been pwned ' can confirm the leak of the Zoom account.