Header Ads

Breaking News

Latest growing pains for Zoom: 500,000 logins are being sold on the dark web


While Zoom has seen the number of daily participants soar, it has had some major privacy issues

Zoom has been the subject of several complaints. Founder and CEO Eric Yuan explained some security problems that Zoom had by stating that the platform was designed for large firms that have an IT department. This past March, the Zoom iOS app was caught sending user information to Facebook without the user knowing. Zoom responded by saying that Facebook’s SDK was collecting data related to the make and model of the device and the operating system being used to login to the app. An update removed the SDK. A lawsuit was filed that same month accusing Zoom of passing user information to third parties including Facebook.

Last month, a data-mining feature on Zoom, using a tool designed to match Zoom users’ names and email addresses with their LinkedIn user profiles, was discovered by the New York Times. Other people in the same video meeting using LinkedIn Sales Navigator were able to see other participants’ LinkedIn profiles without permission by tapping on an icon next to their names. Both Zoom and LinkedIn ended this feature.

In an attempt to earn back user trust, CEO Yuan recently announced a 90-day security plan. One of the new initiatives allows users to decide which regions their data will be run through. Previously, all data was run through China which made ears perk up in Washington D.C. among the anti-Huawei crowd.
Could things get worse for Zoom users? According to the U.K.’s Sunday Times, more than 500,000 Zoom logins have been offered for sale on the dark web. The price for each login is a penny (1.25 U.S. cents) or $6,250 USD for the entire list. Cybersecurity intelligence company Cyble purchased the logins from a Russian-sounding person over the Telegraph app. A Zoom spokesman said, “We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts.” The company has also hired intelligence firms to find who is responsible for selling the passwords and the tools used to collect them. It is also investigating an unnamed company that has tricked people into downloading malware and revealing their login information on certain sites.

The company recently had to walk back a claim that it had 300 million daily users and said that it actually has “300 million daily meeting participants.” These are two different metrics because a person can take part in more than one meeting in a day. Zoom has yet to release the number of active daily users, although to be fair this is a number that is constantly changing because of the pandemic. Zoom’s growth during the COVID-19 outbreak can easily be seen in the jump from 10 million daily participants in December to 300 million last month.

Yuan recently said that the company is working hard to prevent Zoombombing. The latter takes place whenever an uninvited person crashes a Zoom video conference without an invitation and has become a major annoyance for users of the Zoom platform. Zoom investors also have been cashing in. The company’s stock (ZM-Nasdaq) has more than doubled since the end of last year closing Friday at $138.56.



Source Link

No comments