Cybersecurity is the never-ending issue for this digital age where we spend more than half of our day online in some way or other. Especially in the coronavirus pandemic when digital meetings have become a new trend and almost everyone is using it – especially for the formal meetups. Universities have landed on the zoom to conduct regular online classes for students and business professionals are actively using zoom for their official meetings.
But just like any other online account, there was a chance of hacking – and it finally happened right at the point when digital communication has become the norm of almost every individual. Be it a student, teacher, businesses or govt officials, everyone has just started using zoom and getting their private or confidential conversations continued as it was the only good alternative available for all of us.
Apparently, hackers have hacked millions of accounts to set the ‘zoombomb’ to happen. Recently, our cyber warriors have spotted someone selling 0.5 million active zoom accounts credentials online in the dark web at an extremely cheap price – $0.0020 per account, it is 0.3 paisa in pkr (pretty cheap isn’t it). And some accounts were offered absolutely free – Woah! It sounds lucrative commercial ads that give something free to persuade the buyer to take immediate buying-action. The purpose of zoom bombing is to intrude into the conversation and sending malicious, graphic or offensive content.
Beware – your zoom account might be one of the accounts in the list. Remember these are the mere number of the account that has been seen by the one seller at a time. There is a high chance that the number could much higher than what has been posted for sale.
Fortunately, a renowned cybersecurity firm, Cyble had discovered it and bought all of them from that unknown person sitting behind the dark web. The agency has made this news available for all and requested everyone to change their password immediately. Since it definitely doesn’t mean that Zoom itself has got hacked. It is safe and sound, you don’t even need to create another account. You are good to continue with the same, just changed the password so that the list in the suspicious hands become invalid.
Cybersecurity experts explained that the accounts that were on sale on the dark web just retrieved with the help of ‘popular-among-the-hackers’ method called “credential stuffing”, in which hackers try to extract the information using email and password combination – a by chance hacking. Poor hackers didn’t use any complex or any sort of technologically advanced approach this time, they might just did it by the hit and trial method and luckily got what they wanted. There is not to worry about.
So stay calm – stay home and change your password.
