Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are compiled into lists that are sold to other hackers.
Some of the Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.
According to cybersecurity intelligence firm
Cyble, who shared this information with BleepingComputer, hackers are offering these free accounts to gain an increased reputation in the hacker community.