Money & Markets, LLC

‘Zoombombing’: Zoom Calls Hacked by Cybercriminals


Malicious, racist and even pornographic attacks have stepped up recently as the popular video conferencing app Zoom has been hacked by cybercriminals, using a practice called “zoombombing.”

As millions of Americans change the way they do business with stay-at-home orders due to the novel coronavirus pandemic, apps like Zoom Video Communications Inc. (Nasdaq: ZM) have exploded in popularity.

In fact, the company said the number of users reached more than 200 million in March, up from just 10 million at the end of December 2019.

That has presented cybercriminals and hackers with an interesting opportunity.

‘Zoombombing’

The Federal Bureau of Investigation issued a warning Wednesday about hackers conducting “malicious activities” by dropping in uninvited to Zoom calls to eavesdrop and use racial slurs and even pornographic images to disrupt meetings.

It already has a name: “zoombombing.”

“Malicious cyber actors are looking for ways to exploit telework software vulnerabilities in order to obtain sensitive information, eavesdrop on conference calls or virtual meetings, or conduct other malicious activities,” the FBI said in a statement.

In a blog post, Zoom said there were things you can do to avoid being “zoombombed.”

Shares of Zoom were down 4.1% in midday trading Thursday.

Zoom Hacked in Other Ways

Another way cybercriminals have hacked Zoom is by creating fake domains to imitate the conferencing platform.

According to cybersecurity company Check Point Software Technologies Ltd. (Nasdaq: CHKP), more than 1,700 new domains have been registered since January 2020 with names including “Zoom.” Almost 25% of those have been created in the last week.

The FBI said the links appear to “come from legitimate telework software vendors.” These sites are created to phish for personal information or unwanted access to your computer.

Zoom Isn’t Alone in Being Targeted

Check Point also said that sites like Google Classroom, usage of which has spiked with schools closed around the country, have been targeted as well.

The official classroom.google.com website has been impersonated by malicious sites like googloclassroom and googieclassroom.

“Additionally, we have detected malicious files with names such as ‘zoom-us-zoom_##########.exe’ and ‘microsoft-teams_V#mu#D_##########.exe’ (# representing various digits),” Check Point said. “The running of these files leads to an installation of the infamous InstallCore PUA on the victim’s computer which could potentially lead to additional malicious software installation.”
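One way a defender could turn the indicators Check Point describes into a triage check, as an added example that is not from the article or from Check Point: it flags hostnames that contain or nearly spell a watched brand, and file names that fit the two quoted installer patterns. The zoom.us entry, the brand strings, the .example hosts and the digits in the sample file names are assumptions or constructed values.

```python
import re

# classroom.google.com is named in the article; zoom.us is an assumption.
OFFICIAL = ("zoom.us", "classroom.google.com")
# Brand strings to watch; "googleclassroom" is inferred from the quoted lookalikes.
BRANDS = ("zoom", "googleclassroom")
# Installer names as quoted from Check Point ('#' stands for one digit).
TEMPLATES = ("zoom-us-zoom_##########.exe", "microsoft-teams_V#mu#D_##########.exe")
FILE_PATTERNS = [
    re.compile("".join(r"\d" if c == "#" else re.escape(c) for c in t), re.I)
    for t in TEMPLATES
]

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_host(host):
    """Return 'official', 'contains-brand', 'lookalike' or 'unrelated'."""
    host = host.lower().rstrip(".")
    if any(host == o or host.endswith("." + o) for o in OFFICIAL):
        return "official"
    verdict = "unrelated"
    for label in host.split(".")[:-1]:  # the TLD itself is not compared
        flat = label.replace("-", "")
        for brand in BRANDS:
            if brand in flat:
                return "contains-brand"
            # Near-miss spellings only for long brands; short ones are too noisy.
            if len(brand) >= 8 and edit_distance(flat, brand) <= 2:
                verdict = "lookalike"
    return verdict

def is_reported_installer(filename):
    return any(p.fullmatch(filename) for p in FILE_PATTERNS)

# Constructed sample data (the .example hosts and the digits are made up).
HOSTS = ["classroom.google.com", "googloclassroom.example", "googieclassroom.example",
         "zoom-meeting-login.example", "intranet.example"]
FILES = ["zoom-us-zoom_1234567890.exe", "microsoft-teams_V1mu2D_1234567890.exe", "notes.docx"]

if __name__ == "__main__":
    print({h: classify_host(h) for h in HOSTS}, [f for f in FILES if is_reported_installer(f)])
```

A match is a lead for review rather than a verdict, since a legitimate name can also contain “zoom”.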

How to Protect Yourself and Your Organization

The FBI said there are several ways you can protect yourself and your business from these cyber attacks, like “zoombombing.”

Here’s what you should do:

Here’s what you shouldn’t do:

Share links to remote meetings, conference calls or virtual classrooms on open websites or open social media profiles.

Open attachments or click links within emails from senders you do not recognize.

Enable remote desktop access functions like Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) unless absolutely needed.

If you believe you or your company has been the victim of a cyberattack, the FBI said to file a complaint with its Internet Crime Complaint Center at www.ic3.gov.

Editor’s note: Zoom Video Communications was one of the work-from-home stocks to buy amid the coronavirus outbreak.
