The coronavirus crisis has led to a significant increase in the popularity of video streaming platforms such as Zoom. As a result, cyber criminals are showing greater interest in these platforms and are attempting to trick and infect users. Here are three new techniques exploiting Zoom vulnerabilities to beware of:
Two new zero-day flaws have been uncovered in Zoom’s macOS client version. Successful exploitation of the Zoom vulnerabilities allow attackers to gain root privileges and access their victim’s microphone and camera.
Zoom vulnerabilities allow attackers to gain root privileges and access their victim's microphone and camera
Security researchers found that the Zoom Windows client is vulnerable to UNC path injection, which could allow threat actors to steal Windows credentials.
According to the research, the vulnerability exists in the Zoom Chat interface. Any URL address that’s being sent as a chat message is automatically converted into a hyperlink, so that other members can click on it to open a web page in their default browser. The problem is that the Zoom client will convert Windows networking UNC paths into clickable links in the chat messages, as well.
If a user clicks on a UNC path link, Windows will attempt to connect to the remote server using the SMB file-sharing protocol to open the remote file. In this case, Windows will send the user's login-name and NTLM password hash to the server by default.
Zoom-bombing is when a threat actor gains unauthorized access to a Zoom meeting to harass its participants.
In the past few days, the FBI reported multiple Zoom-bombing cases. Zoom-bombing is when a threat actor gains unauthorized access to a Zoom meeting to harass its participants in various ways such as spreading hate or pornographic images or recording pranks that later will be shown on social media. This seems to be a new trend used by script-kiddies to harass victims and steal private information.
Our team is ready to support you during this difficult time. We will get through this together. To set up a call with one of our cyber experts, send us your contact details and we will be in touch shortly.