至少有50万Zoom用户的账户信息在他们不知情或不同意的情况下被公布、交换,在某些情况下被网上出售。根据一项研究周一报道从技术新闻网站Bleeping Computer上,网络安全公司Cyble首先发现了这一漏洞,随后通过黑客论坛以每张0.002美分的价格购买了超过53万张被盗的Zoom证书。许多被泄露的账户是由赛布尔的客户创建的,所以情报公司继续确认它获得的大部分凭证是合法的。
赛布尔告诉该网站,黑客能够通过一个名为“凭证填充”的网络攻击方案获得Zoom用户的电子邮件地址、密码、会议网址链接和主机密钥。在这个方案中,以前由另一个在线来源泄露的数据被从黑暗网络的区域提取出来,并用于泄露新账户。国家安全局(NSA)在2006年详细说明了这一策略a 2018年咨询备忘录指出,任何人使用相同的登录凭证访问多个账户(例如,一个人的脸谱和缩放密码匹配)特别容易受到这种形式的网络威胁。
“如果你的用户名和密码被遭受数据泄露的A公司泄露,而你使用相同的用户名和密码登录你的社交媒体账户,那么该账户也可能处于危险之中,”美国国家安全局的声明写道。声明敦促互联网用户,如果发现任何一次泄露,立即在所有在线平台上更改他们的登录凭证。赛布尔周一的评论回应了这一建议,鼓励Zoom账户所有者使用唯一的密码来访问该应用程序,以最大限度地减少黑客的机会。
由于在冠状病毒大流行的社交距离规定下,渴望远程工作和学习的用户突然涌入,自上个月以来,Zoom面临着多重网络安全挑战。
Zoom是一款领先的视频通信应用,在冠状病毒大流行期间,学校和企业都使用它进行远程工作。在过去几周里,zoom解决了多个安全问题。上周二,来自马什布尔的报道详细说明了类似的违规行为由网络安全公司Sixgill确定,概述了第三方未经授权访问用户帐户的潜在后果。其中之一是“放大轰炸”,美国各地的检察官办公室现在认为这是一种电话会议黑客行为非法的,会被起诉的根据司法部网站上分享的最新声明。
然而,西斯吉尔安全研究员多夫·勒纳告诉马什布尔,账户信息可能被用于更腐败的目的,如“公司或个人窃听、身份盗窃和其他邪恶行为”
Zoom的创始人埃里克·袁谈到了这个应用以前的网络安全投诉在4月1日发布的消息中。“我们认识到,我们辜负了社区以及我们自己对隐私和安全的期望。为此,我深感抱歉,我想分享我们对此所做的一切,”他写道。他的声明接着总结了公司的预期行动计划,其中包括收紧隐私和安全政策的几种方法。
MORE THAN 500,000 ZOOM ACCOUNT CREDENTIALS BEING SOLD ON DARK WEB FOR LESS THAN A PENNY EACH
A ccount information belonging to at least half a million Zoom users has been published, exchanged and, in some cases, sold online without their knowledge or consent. According to a Monday reportfrom technical news site Bleeping Computer, the breach was first identified by Cyble, a cybersecurity firm that discovered and later purchased more than 530,000 stolen Zoom credentials through a hacker forum selling them for .002 cents each. Many of the compromised accounts were created by Cyble clients, so the intelligence company went on to confirm that a large portion of the credentials it acquired were legitimate, per Bleeping Computer.
Cyble told the website that hackers were able to obtain Zoom users' email addresses, passwords, meeting URL links and host keys through a cyberattack scheme called "credential stuffing," where data previously leaked by another online source is extracted from areas of the dark web and used to compromise new accounts. The National Security Agency (NSA) detailed this tactic in a 2018 advisorymemo, which noted that anyone who uses the same login credentials to access multiple accounts (an individual whose Facebook and Zoom passwords match, for example) is especially vulnerable to this form of cyber threat.
"If your username and password is compromised from Company A—who suffered a data breach—and you use that same username and password to login to your social media account, then that account could also be in jeopardy," the NSA's statement read, urging internet users to immediately change their login credentials across all online platforms if any one breach is detected. Cyble's Monday comments echoed that recommendation, encouraging Zoom account owners to access the application with a unique password to minimize opportunity for hackers.
Due to a sudden influx of users eager to work and learn remotely amid the coronavirus pandemic's social distancing regulations, Zoom has faced multiple cybersecurity challenges since last month.
Zoom—the leading video communication app used by schools and businesses to work remotely during the coronavirus pandemic—has fielded multiple security issues over the past several weeks. Last Tuesday, a report from Mashable detailed a similar breach identified by cybersecurity firm Sixgill, which outlined the potential consequences of third parties gaining unauthorized access to users' accounts. One of them was "zoom-bombing," a teleconference hacking practice United States Attorneys offices across the country have now deemed unlawful and subject to prosecution, according to recent statements shared to the Department of Justice's website.
However, Sixgill security researcher Dov Lerner told Mashable that account information could be used for more corrupt purposes, like "corporate or personal eavesdropping, identity theft, and other nefarious actions."
Zoom founder Eric Yuan addressed the app's previous cybersecurity complaints in a message released April 1. "We recognize that we have fallen short of the community's—and our own—privacy and security expectations. For that, I am deeply sorry, and I want to share what we are doing about it," he wrote. His statement went on to summarize the company's intended plan of action, which includes several approaches to tightening its privacy and security policies.
