Zero-day exploit for Zoom sale means businesses need to heighten security.
With user credentials already for sale on the Dark Web and now the method to steal more on offer, users have to tighten security procedures.
The COVID-19 outbreak has seen a huge increase in the use of conferencing technology that has allowed businesses, schools, and Government to carry on as much as possible whilst colleagues and pupils are separated.
Indeed, Reuters reported that Zoom’s daily users ballooned to more than 200 million in March 2020 from a previous maximum total of 10 million. This is huge increase in log-ins and registrations has immediately made Zoom a target for cyber criminals. This has quickly become all the more concerning with the discovery of a Zero-day exploit being put up for sale on the Dark Web for $500,000. There is no current fix for this and so users have to update their security policies accordingly.
The earlier discovery of 500,000 Zoom account details for sale, for virtually nothing on the Dark Web in April 2020, highlighted the vulnerability within the online conferencing facility. Now with the method for stealing more on sale for a relatively small amount, companies have to up their game as AJ Thompson, CCO at Northdoor explains.
“The Zero-day exploits for sale seem to target vulnerabilities in Zoom’s Windows client and another targeting OS X. At present, it does not seem to be able to target those who use Zoom via a browser. With no known fix for these exploits, companies have to take it upon themselves to ensure that they are communicating effectively with employees who are now sitting outside of the corporate environment.
“The huge uptake in the use of Zoom over the past month or so has made it a really appealing target. The sudden increase has also meant that Zoom itself is having to play catch up with patching vulnerabilities that they didn’t, up until recently, have to focus on. With so many organisations now using Zoom, each of them will have to make sure that they are following the advice of experts, and ensuring that their teams are doing so too, if they are to remain secure.
“The temptation of those now working from home to be less rigid in their security practices is high. Being in your own home brings a sense of security, but in fact you are more vulnerable than ever, and now criminals are targeting one of the most used solutions in the world, everyone should be looking to heighten security.
“We are recommending clients to remove the Zoom client from computers and use the Zoom browser client or Zoom on mobiles. Whilst there is no patch to fix the vulnerability, not using it in ways that leave the door open to criminals is key.
“We are likely to see an increase in these types of attacks, and as with other targets for cyber criminals, they are likely to be ahead of the curve in terms of using more and more sophisticated tools to gain access. However, if companies and individuals are taking the threat seriously and ensuring that they are following the guidelines they have a much better chance of remaining secure,’ concluded Thompson.