Matt Binder* says hackers are exploiting video conferencing platform Zoom’s newfound popularity amid the COVID-19 pandemic.
With so many people working from home or looking to connect with family and friends amid the coronavirus pandemic, video conferencing platform Zoom is having a big moment.
So of course, this makes Zoom a prime target for hackers looking to take advantage of the service’s newfound popularity.
Researchers at cybersecurity firm Check Point have noticed a sharp uptick in “Zoom” domain name registrations since people started self-quarantining to combat the coronavirus.
According to Check Point, there have been 1,700 new Zoom-related domains registered since the pandemic began.
Of those names, 25 per cent of them were registered in just the past week.
Researchers were able to confirm that at least 70 of the domains were being used maliciously, often as phishing websites in order to steal unsuspecting users’ personal information.
Some hackers are going even further than phishing attacks.
Check Point discovered malicious “.exe” files with Zoom in their file name.
Researchers found that running these files installed software that opened up a victim’s computer to further attacks.
Check Point found other services that have helped people connect while staying in their homes during the pandemic are being targeted as well.
Researchers also discovered similar files with Microsoft Teams in the file name, showing that hackers are expanding past Zoom as well.
They also discovered fake domains for similar services as well.
Google Classroom, for example, lives on a google.com subdomain at classroom.google.com, making it an easier target for nefarious actors looking to register misspelled or similar looking domain names to use for phishing attacks.
Hackers using fake domain names and malicious software aren’t the only ones setting their sights on Zoom either.
“Zoom-bombing” is gaining traction online.
Zoom-bombing is when an unauthorised user gains access to a Zoom meeting by discovering or figuring out the private URL meeting room link.
While a bad actor disrupting a meeting doesn’t seem like the most terrible thing that can happen, some of these cases like the naked man who crashed a students’ group video call are certainly problematic.
Zoom has seen exponential growth since the coronavirus pandemic.
Some reports say that the company has seen its daily user number quadruple.
Analysts estimated that Zoom added more than 2.2 million new users in 2020 right before coronavirus was officially declared a pandemic in the US.
To compare, the company added 1.9 million new users in all of 2019.
With a service so rapidly gaining traction, so many new users make for prime targets for hackers and other bad actors.
New scams and hacks related to Zoom are likely poised to grow exponentially, just like its user base.
* Matt Binder is a reporter for Mashable and host of DOOMEDpod.com. He tweets at @MattBinder.
This article first appeared at mashable.com.
