【Jin Seo】

As Zoomconfronts numerous security issues amid a spike in use of the service during the coronavirus pandemic,Jin Seo yet another problem for the video conferencing platform has entered the stage, thanks to the dark web.

Cybersecurity firm Sixgill recently discovered a collection of 352 Zoom accounts that had been compromised. The accounts were shared by a user on a popular dark web forum; information included each account’s connected email address, password, meeting ID, host key, and host name.

A screenshot of the original post sharing stolen Zoom credentials on a popular dark web forum. Credit: sixgill

The stolen credentials were even labeled by type of Zoom account, meaning some of the stolen information included users paying for a higher-tier service plan.

“In comments on this post, several actors thanked him for the post, and one revealed intentions to troll the meetings,” said Dov Lerner, security research lead at Sixgill, in a statement provided to Mashable.

But online trolling isn't the only thing people could do with the information shared from these Zoom accounts.

“The accounts could certainly be used to troll the owner of the account or those who are joining the owner's calls, but these credentials could also be used for corporate or personal eavesdropping, identity theft, and other nefarious actions,” Lerner explained. “There's a number of ways a malicious actor could use these stolen accounts.”

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

This is especially concerning when looking at who the accounts belong to. According to Sixgill, while its researchers found that most of the 352 accounts were personal, some belonged to educational institutions and small businesses. One of the accounts was that of a major U.S. healthcare provider.

So, what is the "dark web" where these accounts were posted? In the simplest terms, the dark web encompasses websites, forums, and other online destinations that require a special web browser called Tor to access. You cannot visit these sites by just typing a URL into Google Chrome or Firefox. They aren’t visible to search engines — the dark isn’t discoverable when searching for them on Google.

Users on the dark web forum where the Zoom accounts were posted were thrilled to see the stolen information. Credit: sixgill

The collection was found by Sixgill on April 1, as criticism was being leveled at Zoom for its securityand privacy practices. While the video teleconferencing company has blown up in popularity during the coronavirus pandemic, the newfound success has also brought to light issues with the service.

Security experts have noted how the service can be used by employers to effectively spyon their employees at home. The application was discovered to be unnecessarily providing user datato Facebook, as well as mining LinkedIn to unmaskanonymous users without their knowledge. A bug was uncoveredthat allowed hackers to steal your Windows passwords through Zoom.

Security issues became so prevalent that a new colloquialism, “Zoom-bombing,” was coined to specifically define the act of finding a meeting ID and crashing a Zoom teleconference. The accounts discovered by Sixgill included meeting IDs, which means all those users could be targeted by this act specifically.

Things became so bad that last week, Zoom’s CEO Eric Yuan apologized for the issues and announcedthe company was going to focus on fixing its security and privacy bugs over the next 90 days.

One thing Zoom should work on in these coming months: figuring out how a malicious actor got their hands on account credentials belonging to 352 of its users.

Topics Cybersecurity Privacy COVID-19

• Deals
• Games
• Entertainment
• Shopping
• Social Good
• Life
• Science
• Digital Culture

• The fat bears are already extremely fat
• Steven Spielberg's 'West Side Story' is a rapturous remake of a Broadway classic
• Eminem just celebrated a major milestone in his life
• How to share a Spotify playlist
• Best soundbar deal: Save $300 on the Sonos Arc
• Congrats to Ben Platt on joining John Krasinski and Emily Blunt's marriage
• Please enjoy these photos of Melania Trump laughing with Barack Obama
• High school golfer attacked by goose documented in unbelievable photos
• A Typical Wall Street Republican
• Judge rules bar had right to kick out man in MAGA hat. Relax.

• Here's the deal with those colorful status updates on Facebook
• Apple just fixed an iPhone flaw that overwhelmed the 911 system
• New discovery reveals the T. Rex was actually super into foreplay
• Uber update allows riders to edit their pickup location
• This hot new boyband from China is made up entirely of girls
• No, the 'Microsoft Edition' of the Galaxy S8 doesn't run Windows 10 Mobile
• A new tool will automate the referral process so you can get a bonus without doing anything
• Apple opens App Accelerator in India to foster iOS app development
• Your college email account may be one of millions for sale on the dark web
• Your Pornhub habits just got even more private

• Useful or Little Known Android Features
• NASA filmed a magical total solar eclipse in Antarctica. You can watch it.
• Happy 13th birthday to the very first YouTube video
• Why you feel guilty unfriending people you don’t even like
• Analyzing Graphics Card Pricing: May 2018
• Tesla has launched an electric ATV for kids
• 'Avengers'
• Feds let debt collectors slide into your DMs
• The best day to book your flight, according to Google
• Prince Harry has asked Prince William to be his best man and it's kinda sweet tbh

• NYT mini crossword answers for May 12, 2025
• What to do if your iPhone gets wet
• Twitter is testing content warnings on individual posts
• Steven Spielberg's 'West Side Story' is a rapturous remake of a Broadway classic
• Episode 4: The Wave of the Future
• Instagram announces new tools for teen safety and parental control
• Judge rules bar had right to kick out man in MAGA hat. Relax.
• Elon Musk claims feature from Hummer EV is coming to quad
• Musetti vs. Diallo 2025 livestream: Watch Madrid Open for free
• Apple's 2022 lineup reportedly includes a rugged Watch and iPad with wireless charging