Developers: | Zoom Video Communications |
Last Release Date: | 2022/05/25 |
Technology: | SaaS - Software as a service, Video conferencing, Office applications |
The main articles are:
- Types and capabilities of modern VKS systems
- Office Software (Russian Market)
- SaaS - History. Philosophy. Development drivers
Zoom Meetings provides the ability to work and attend online meetings from anywhere.
Zoom Meetings allows you to:
- Connect a virtual background and select an image to your liking (available on the iPhone);
- Enable display, and connect to collaboration;
- Use Zoom Meetings in safe driving mode or Apple Carplay
Depending on the tariff plan, Zoom allows you to collect from 100 to 1000 participants for a call. The service works through a mobile or desktop application, as well as in a browser. In addition to directly video calls, Zoom has a number of communication services: chats, virtual rooms and spaces, cloud telephony, messaging with third-party services, an application store, tools for webinars (up to 1000 viewers). The service website lists satisfied customers of the company, including (either with irony or pride) the owner of the Viber service, Rakuten and Slack corporate communication service.
Zoom today has many advantages, including mass and a huge number of opportunities, and with them information on how to use the service, life hacks and tips. In Zoom, you can set the virtual background to'adjust your appearance' using the corresponding function in the settings. By the way, the legendary Ukrainian creative agency banda recently presented its selection of backgrounds.
Maximum number of participants: depending on the tariff, up to 100 people at the most accessible, up to 500 - at the most expensive corporate (+ up to 50 event organizers for one corporate account)
Fares: There is free (up to 100 participants) and paid in the range of $14.99-19.99 per month
Duration of conversations: up to 40 minutes on a free tariff, up to 24 hours in the Pro version ($14.99), unlimited - in business tariffs and tariffs for enterprises
2023
In the DPR block Google and Zoom
In mid-February 2023, it became known about the blocking of Google and Zoom services in the Donetsk People's Republic (DPR). There are also problems in the region with downloading images and videos via Viber. Read more here.
How hackers attack companies using Zoom
On January 5, 2023, Cyble Research & Intelligence Labs (CRIL) spoke about a new cybercriminal scheme that cybercriminals use to attack various organizations. This time, scammers are hiding behind the Zoom video conferencing service.
It is noted that against the backdrop of a pandemic, COVID-19 when funds for organizing remote work have become especially in demand, cybercriminals are increasingly conducting attacks using applications like Zoom. As part of the new scheme, scammers have formed a phishing page that completely copies the interface of the legal Zoom website. This page is used to distribute malicious software IcedID, also known as BokBot.
IcedID is usually distributed through spam messages with malicious attachments under the guise of Office files. However, in this campaign, attackers used a phishing website to deliver malware, which is not a typical method, the publication says. |
When you try to download the Zoom application through a phishing site, the user receives an installation file with the IcedID Trojan. After the malware is injected into the system, attackers are able to steal victims' bank credentials. This malware is aimed primarily at business and can be used to steal payment information. In addition, IcedID acts as a bootloader, allowing additional modules or other malware to be installed on an infected computer. CRIL emphasizes that IcedID is a very advanced malware. Attackers constantly modify the code of the Trojan and the tactics of its distribution in order to avoid detection by security means. How many users suffered during this cyber campaign is not specified.[1]
2022
Disabling access to paid video conferencing accounts in Russia for universities
Zoom began to turn off access to paid video conferencing accounts in Russia for universities. This became known at the end of October 2022.
According to Vedomosti, citing a source among Russian developers of video conferencing services, a "large university" turned to his company, to which "Zoom turned off the license paid until November." The interlocutor did not disclose the name of the university.
According to the public procurement portal, to which the publication refers, from large educational organizations, a contract for the use of Zoom until the end of November 2022 was concluded only at the Russian State University of Justice for its branch in Kazan. According to the newspaper, several more Russian universities faced a refusal of service from Zoom, including the Russian State Social University and Orenburg State Medical University.
Renat Lashin, executive director of the Domestic Software Software Developers Association, told the publication that state-owned companies stopped using paid Zoom back in 2021, and in 2022 large businesses began to refuse service services.
Competition between Russian developers and technological classes of solutions comes to the fore, so if Zoom leaves Russia, nothing terrible will happen, "said Lashin. |
By the end of October 2022, Zoom is offering users several tariff plans. The free tariff allows you to hold conferences for up to 40 minutes with the participation of up to 100 people; "professional" ($149.9 per year per user at the time of publication) removes the time limit, but not the number of participants; "business" ($199.9) increases the member limit to 300; in the tariff "enterprise" the number of participants is up to 1 thousand people, the price is not indicated.[2]
Zoom vulnerability allows you to hack a victim through a message
On May 25, 2022, it became known that Google experts recommend Zoom users to update application clients to version 5.10.0 in order to apply fixes to a number of vulnerabilities discovered by Google Project Zero security researcher Ivan Fratrick.
"In attack order to achieve the goal, you don't even need to interact with the user directly. To the malefactor just be able to send messages to the victim on to the protocol XMPP the Zoom chat, "- Fratrick said in a description of the vulnerability chain. |
After examining the differences in parsing an XMPP message between the server and Zoom clients, Fratrick was able to uncover a chain of vulnerabilities that allowed attackers to remotely execute malicious code. Deciding to recreate the attack, the researcher sent a specially created message, used an intermediary attack, and then was able to connect the "victim" to his server, which provides the old version of the Zoom client in mid-2019.
"Setup for this version is still signed properly, but does not perform any security checks on the installation cab file. To demonstrate the principle of the attack, I replaced Zoom.exe in the cab file with a binary file that opened the standard Windows calculator, and immediately after installing the "update" I saw the calculator running, " added Fratrick. |
In a security bulletin published last week, Zoom said the researcher also found a vulnerability that allows user session cookies to be sent to a non-company domain. This vulnerability allowed attackers to conduct spoofing attacks.
Below is a list of vulnerabilities patched by Zoom after Fratrick's report:
- CVE-2022-22786 - allows you to downgrade the Zoom client and affects only Windows users;
- CVE-2022-22784;
- CVE-2022-22785;
- CVE-2022-22787.
Three other vulnerabilities affect Android, iOS, Linux, macOS and Windows.
A Google Project Zero researcher discovered the vulnerabilities in February, the same month Zoom fixed them on the server side, and released updated clients on April 24.[3]
2021
Fix vulnerabilities that allow you to intercept any data from internal conferences
Positive Technologies on November 12, 2021 announced that it had helped fix vulnerabilities in Zoom.
Attackers could intercept any data from internal conferences and attack the infrastructure of user companies.
Zoom Video Communications has fixed vulnerabilities in its line of local conference, negotiation and recording solutions - Zoom Meeting Connector Controller, Zoom Virtual Room Connector, Zoom Recording Connector and others. Errors identified by Positive Technologies expert Yegor Dimitrenko allowed, by introducing commands, to carry out an attack and gain access to the server with maximum privileges.
Users of the investigated software, distributed according to the on-premium model, are usually large companies that deploy these solutions on their network in order to prevent information leaks.
Malicious injection was possible due to the vulnerability of the CVE-2021-34414 (score 7.2 on the CVSS 3.1 scale) discovered by Yegor Dimitrenko. The problem is noted in the following Zoom on-premium applications:
- Meeting Connector Controller up to version 4.6.348.20201217,
- Meeting Connector MMR up to version 4.6.348.20201217,
- Recording Connector up to version 3.8.42.20200905,
- Virtual Room Connector up to version 4.4.6620.20201110,
8 Virtual Room Connector Load Balancer up to version 2.5.5495.20210326.
Another vulnerability (CVE-2021-34415 with a score of 7.5 on the CVSS 3.0 scale) could lead to a system failure. The error was found by Nikita Abramov in the Zoom On-Premium Meeting Connector Controller application, and the problem was fixed in version 4.6.358.20210205. As a result of exploiting this vulnerability, attackers could disrupt the performance of the software, thereby creating a situation where conferences using Zoom would not be possible.
The third vulnerability (CVE-2021-34416 with a score of 5.5 on the CVSS 3.0 scale) also allowed an attack to be carried out using command injection. The flaw identified by Yegor Dimitrenko concerns the following Zoom on-premium applications:
- Meeting Connector up to version 4.6.360.20210325,
- Meeting Connector MMR up to version 4.6.360.20210325,
- Recording Connector up to version 3.8.44.20210326,
- Virtual Room Connector up to version 4.4.6752.20210326,
- Virtual Room Connector Load Balancer up to version 2.5.5495.20210326.
The main danger of compromising these applications and gaining access to the command shell is that they handle traffic from all company conferences. Thus, an attacker can perform a MITM attack and intercept any data from conferences in real time, "said Yegor Dimitrenko. - Since applications of this type can be located on the perimeter, this allows external violators to execute arbitrary code on the server with root user privileges, which makes it possible to further promote the company's network. To exploit the vulnerability, an attacker requires the credentials of any user with administrative rights, such as the admin user, which is created in the default application. But due to the fact that the application does not adhere to a strict password policy and it does not have protection against password guessing through the web interface, it is not difficult to get a password for an attacker. |
The main reasons for the appearance of such vulnerabilities, Yegor Dimitrenko calls the lack of sufficient verification of user data.
Often you can find vulnerabilities of this class in applications to which server administration tasks are delegated. The peculiarity of this vulnerability is that it always leads to critical consequences and in most cases leads to full control over the infrastructure of the corporate network, - said Yegor Dimitrenko. |
German officials banned from using Zoom
In August 2021, the Hamburg government received an official warning about the inadmissibility of using the Zoom service due to problems with data protection. The Data Protection Agency (DPA) issued a public warning, writing in a press release that the Senate Chancellor's use of the popular videoconferencing tool violates the European Union's General Data Protection Regulation (GDPR) because user data is transferred for processing to servers located in the United States. Read more here.
Zoom backed down and allowed the Russian authorities and state-owned companies to use his connection. But under the new rules
The American video conferencing service Zoom, which at the end of March 2021 banned the Russian public sector from using its services, changed its decision. As it became known to CNews, domestic authorities and state-owned companies will still be able to use it, but on certain conditions[4].
Companies and public sector structures will be able to use Zoom, but for this they will have to buy accounts in this service directly, without the need to contact distributors in Russia. A Zoom spokesman told CNews that the service "still strives to serve customers in the Russian market and in the countries of the Commonwealth of Independent States (CIS) "" We are in the process of developing our approach in the region, and in the meantime new and existing customers in both the public and private sectors can submit a request to acquire Zoom accounts (accounts) directly through our website, "he added.
According to CNews, before the introduction of these changes, Russian legal entities had to purchase licenses through Zoom partners in Russia or their resellers. The purchase of licenses through the service website was available only for individuals.
Roskomnadzor recommended Russians to abandon Zoom
Roskomnadzor recommended that Russian users abandon the Zoom video conferencing service and switch to domestic counterparts. This was reported to TASS by the press service of the department.
"The use of foreign services by our companies and government agencies will always carry both the risks of denial of service by the administrations of foreign platforms and leaks due to their fault of the data of our citizens and companies," Roskomnadzor is sure. |
Ban on sales to state institutions and state-owned companies in Russia and the CIS
The American company Zoom Video Communications sent a letter to its Russian partners in April 2021, in which it warned of the withdrawal from March 31, 2021 of authorization to sell its video conferencing service to organizations with state participation in Russia, CNews reports .
Authorized Zoom partners for the sale of licenses are RightConf (WrightConf), Rokada (Rokada LLC), as well as the international corporation Unify Square.
As you know, the free version of the service is designed for private users and small enterprises. This version allows you to conduct an unlimited number of one-on-one conferences, as for group conferences, their duration is limited to 40 minutes.
In the paid version of Zoom Pro, there is no limit on the duration of the video conference, and up to 100 participants can also be connected. Along with the license, access to 1 GB of cloud storage for MP4 video recording is provided.
Public authorities rarely acquired a license to use Zoom. But organizations with state participation use the service much more often. In particular, the license was bought by Sheremetyevo Airport, Gazprom and VTB structures, cultural institutions, as well as higher educational institutions.
The restrictions imposed by American companies against Russia, following Washington's sanctions policy, will have a weak effect on Russian users, but will harm US business interests in the world market, said Sergei Mironov, leader of the Fair Russia-For Truth party.
"To spite us, our ears were frozen! Or, as they say in the West, they shot themselves in the leg. It is clear that our state-owned companies, and indeed Russian citizens, can perfectly do without this service. Its analogues are already being actively introduced, and after such restrictions they will be introduced even faster! I have no doubt about domestic programmers and IT specialists who have already proven their high level all over the world. So we will not be left without communication and the Internet. We are pursuing our own course, developing import substitution and equal cooperation with countries that are ready for it, "said Sergei Mironov. |
He noted that the loss of part of the Russian market carries not so much economic as reputation risks for the service, which has become in demand and popular around the world during the pandemic.
"It is likely that the US authorities began to feel dizzy about the successes. They thought that we could not do without their services, and decided to punish us. But it's just ridiculous! Not only will it not work to punish us in this way, but also trust is undermined in their companies, exposing them as conductors of sanctions policy. And trust in business is a key thing. With the notorious social networks of the United States, which banned their former president, the same story, in fact, came out. What self-respecting country will want to deal with the Americans after this, knowing that at any time they can "turn off the switch"? "The parliamentarian asked. |
Rostec employees banned from communicating in Zoom for work
As it became known in March 2021, Rostec employees were banned from communicating on Zoom, Skype and WhatsApp for work. Instead, it is proposed to use domestic products, including those developed by the state corporation itself. Read more here.
2020
Zoom will implement end-to-end encryption in four stages
Zoom has confirmed that it will begin deploying end-to-end encryption. The process will take place in three stages: first, a preview will be released, and within the first 30 days, users will send their comments and feedback to the company, and then there will be three more stages. This became known on October 15, 2020.
For quite some time, end-to-end encryption in the Zoom conference service has been a parable for the company. It has been criticized more than once, especially when it announced its intention to implement end-to-end encryption only for paid users. Human rights activists said basic security measures should not be considered a premium feature, and Zoom had to withdraw its announcement.
End-to-end encryption in Zoom will be based on existing GCM encryption, only cryptographic keys will be managed not by the company's servers, as before, but by meeting organizers who themselves will be able to generate encryption keys and use public key encryption to provide keys to each meeting participant. In other words, Zoom will not be able to access the keys needed to decrypt video chat content, as they will be generated and stored locally on users' devices.
The green shield icon in the upper left corner will indicate that the video call is protected by end-to-end encryption. All meeting participants will be able to see the organizer's security code and check it with the code on their screens.
In order to start using end-to-end encryption, meeting organizers must activate the encryption option in their account settings, and all meeting participants must also enable it in their applications.
During the first stage, certain functionality for encrypted calls will be disabled, including discussion rooms, cloud recordings, polling, real-time translation, one-on-one chats and reactions.
The first stage of implementation of end-to-end encryption is scheduled for the second half of October 2020. It is not known when Zoom intends to implement the remaining three stages, however, according to the company, the second stage will begin "approximately in 2021[5].
How in Russia they steal money from Zoom users
On October 6, 2020, it became known about a new fraudulent scheme aimed at users of the Zoom video conferencing service. to cyber threat About told in the company. Group-IB
The essence of the scam is that under the guise of receiving monetary compensation "in connection with the COVID-2019" or for subscribing to the service, Zoom users are lured to fraudulent sites where money and bank card data are stolen.
At the same time, letters are sent not from a fake domain, but from an official service. The thing is that when registering, Zoom invites the user to fill out a profile - specify "Name" and "Last Name," providing the ability to insert up to 64 characters into each field. Fraudsters use this opportunity by inserting the phrase: "You are entitled to compensation in connection with COVID-19" and indicate a link to a fraudulent site.
The sending of fraudulent messages itself also takes place using the capability of the service. After registration, Zoom invites a new client to invite up to ten new users by specifying their mailing address. Scammers enter the addresses of potential victims who receive an official notification on behalf of the video conferencing service team (no-reply @ zoom [.] us), but with content generated by Internet scammers.
After the victim goes to fraudulent sites, they are asked to enter the last 4 or 6 digits of their bank card number. Fraudsters calculate "compensation" for the user: from 30,000 to 250,000 rubles. But in order to receive this money, the victim had to pay a small amount "for legal assistance in filling out the questionnaire" - about 1000 rubles. As a result, users enter "plastic" data (number, owner name, validity period, CVV code) on a fraudulent resource - as a result, they lose both money and bank card data[6]
Pyrus Service Desk Integration
In 2020, Pyrus Service Desk has become available integration with the Zoom Meetings video conferencing service: users can launch video calls with colleagues or customers in Zoom with one click from the task pages in Pyrus. Read more here.
The ability to place Zoom services on the Yandex.Cloud platform
On August 10, 2020, Yandex.Cloud and RightConf, the official representative of the Zoom service in Russia, announced the start of joint provision of services to corporate clients. Now companies that acquire a license from RightConf to use Zoom can also choose to host servers on the Yandex.Cloud platform. In this case, all user traffic will be processed in Russia, this will increase the security and quality of communication.
Zoom works through servers located in Europe, and the maximum video quality does not exceed 640x360 pixels. HD-image quality is available on Zoom servers in Yandex.Cloud, that is, at least 1280x720 pixels, with the ability to increase the resolution to 1920 x 1080. When launching Zoom on the Yandex.Cloud platform, the time for exchanging information with the server for Russian users will decrease by 5-7 times, respectively, the quality of communication will increase, and there will be fewer distortions and delays in sound and video. Read more here.
Identifying a vulnerability in the Zoom Vanity URL that allowed hackers to manipulate links to meeting identifiers
A team of researchers at Check Point Research, a division of cybersecurity solutions provider Check Point Software Technologies Ltd., helped Zoom mitigate risks associated with a potential security issue in the Zoom Vanity URLs feature. The feature allowed hackers to send invitations to Zoom business meetings that looked like coming from a victim company. The hackers' goal was to spread malware and steal user data, Check Point reported on July 16, 2020.
Vanity URL - URL of a specific company, looks like yourcompany.zoom.us. The company may mark this page with a logo or trademarks. To join a meeting, users simply follow the link.
When using a Vanity URL problem hacker , could impersonate a victim company employee, send an invitation from the Vanity URL of the victim company to the customers of that company to gain their trust, and then simply intercept credentials data and confidential information or take other actions he needs.
Potential Vanity URL security issues were discovered by researchers in a collaboration in January 2019. This problem could allow a hacker to try to manipulate the Vanity URL in two ways:
- Direct link targeting: When organizing a meeting, a hacker could change the URL of the invitation to include a registered subdomain of his choice. In other words, if the original link was https://zoom.us/j/#########, an attacker can change it to https ://.<название организации>zoom.us/j./##########. Without special knowledge of cybersecurity, the user receiving this invitation may not have recognized whether the invitation was fake or it was created by a real organization.
- Focus on proprietary Zoom web interfaces: some organizations have their own Zoom web interface for conferences. The hacker could configure the interface of the victim company and could try to redirect the user to a malicious link. As in the previous case, without special knowledge, the victim could not immediately recognize the fake link.
As you know, the use of Zoom has increased during quarantine and self-isolation due to the COVID-19 pandemic. If in December 2019 the number of daily Zoom participants was about 10 million, then in April 2020 there were more than 300 million. Cybercriminals use this popularity in phishing attacks. For example, according to research by Check Point, the number of both registered domains with Zoom and fake Zoom programs has increased significantly.
Earlier in January 2019, the Check Point Research team was already working with Zoom to address another potential vulnerability that could have allowed hackers to join the meeting uninvited.
Integration with Pyrus Workflow Platform
The Pyrus workflow platform has announced integration into the Zoom video conferencing platform service. Integration will be available to all users regardless of the tariff plan. This became known on June 26, 2020. Read more here.
End-to-end encryption available to all users
On June 18, 2020, it became known that end-to-end encryption in Zoom will be available to all users.
As reported, after criticism from activists and users about Zoom's decision to provide end-to-end encryption only for paid users, company representatives announced their intention to make it available to all users, including free ones.
In early June 2020, the company began work on introducing end-to-end encryption into the service, but it was planned to provide access to the service only to users of the paid version of Zoom. Soon, the Foundation organization Mozilla electronic and the Frontier Foundation (, Electronic Frontier Foundation EFF), together with 19 thousand users, sent an open letter to the company, urging it not to turn "safety and privacy into a luxury." Digital rights organisations such as Fight for the future and MPower Change also expressed similar concerns in their letter.
After we released a draft version of Zoom end-to-end encryption (E2EE), we collaborated with civil rights organizations, the CISO board, child safety advocates, encryption experts, government representatives, our users and others to gather their feedback on the feature. We have also researched updated technologies and are ready to offer E2EE for all users. reported by Eric Yuan, CEO of Zoom |
As representatives of the company noted, free users will have to confirm their account by phone number. This measure will help in the fight against attackers who create multiple accounts.
Encryption has certain limitations: If enabled, participants with traditional PSTN phone lines will not be able to join the conversation. Because it is an optional feature, the user can manually enable or disable encryption.
Earlier, information security experts during a study of the service discovered multiple security problems, one of which was related to encryption. For example, Zoom sent encryption keys to a server in China, where, according to the law of the country, they could be requested by the Chinese authorities. In addition, the developers of the application ambiguously interpreted the term "end-to-end" encryption, which misled users[7].
Integration with Genesys Cloud
On May 28, 2020, Genesys announced its partnership with Zoom Video Communications Corporation. The goal of the project is to simplify and increase the efficiency of interaction between corporate teams. By integrating the Genesys Cloud infrastructure with Zoom Phone and Zoom Meetings, organizations can fully implement corporate communications strategies and increase collaboration efficiency. Read more here.
Ban in Indonesian government
On April 23, 2020, it became known about the ban on the use of Zoom in the Indonesian government. The local Ministry of Defense saw in this service risks for intercepting the content of conversations. Read more here.
Two previously unknown vulnerabilities in Zoom are up for sale
Two exploits for uncorrected vulnerabilities in Zoom are up for sale on a cybercriminal forum, allowing you to spy on someone else's video calls. According to several sources from Motherboard, one exploit is for a vulnerability in the Zoom client for Windows, and another for macOS. This became known on April 16, 2020.
I do not think that they will have a long shelf life, since when zero-day vulnerabilities begin to be exploited, they become known about them, noted Adriel Desautels, founder of Netragard, which previously sold zero-day vulnerabilities
|
According to another source, a vulnerability in the Zoom Windows client allows you to remotely execute code on the attacked system and is "ideal for industrial espionage." With its help, an attacker can gain access to the vulnerable Zoom client, but in order to gain control over the entire system, it must be exploited in conjunction with another bug. A vulnerability in macOS does not allow code to be executed remotely.
The exploit for the Zoom Windows client costs $500,000, however, according to sources, the price is at least doubled. You can use the exploit only during a video call with the victim. In other words, the attacker will not be able to remain unnoticed, which significantly reduces interest in the exploit from the special services.
{{quote 'author = Zoom representatives reported[8]' Zoom is serious about the security of its users. Having learned about the rumors, we continuously work with a reliable information security company, which is one of the leaders in the market, to investigate them. As of April 2020, we found no facts to support the validity of these statements, }}
Revealed 1.3 thousand malware with the name of video conferencing services
In mid-April 2020, Kaspersky Lab announced the detection of about 1.3 thousand malicious programs that disguise themselves as popular video conferencing services, including Zoom, Webex and Slack. Read more here.
Larry Ellison: Zoom has become a vital service for Oracle
In April 2020, amid numerous claims about Zoom security, Oracle founder and chairman Larry Ellison praised this video conferencing service.
Zoom has become an indispensable service for us. It allows us to keep developing, it allows us to keep supporting our customers, keep doing sales - even when we're at home, "Allison said in a video posted to YouTube. - We are waiting for the economy to revive, when we can return to work in full, but we will never work again as before. We will now meet not only live: sometimes we will meet live, and sometimes virtually in Zoom. |
Zoom has become an integral tool for Oracle, for companies in the United States, for companies around the world. The service helps the economy continue to function despite the COVID-19 pandemic, he added in his 50-second video message. |
After that, the companies exchanged pleasantries on Twitter: Zoom thanked Ellison for "such a meaningful video," and the head of Oracle responded to this tweet with his own: "Thank you, Zoom, for helping us stay in touch. You changed our work! "
Larry Ellison praised Zoom, despite recent service failures - in March 2020, some users complained about problems with logging in and organizing conferences. This was due to the fact that the company was not ready for a sharp increase in the number of active users per day: in comparison, it increased by 151% year-on-year. The reason for such a sharp increase was the fact that many employees began to go online after quarantine was announced.
It's worth adding that Zoom is powered by the cloud infrastructure of Amazon Web Services and Oracle.[9]
The first major bank abandoned Zoom
In April 2020, it became known that Standard Chartered became the first major financial institution on the international market to recommend that all its employees during the COVID-19 pandemic refrain from using the Zoom video conferencing solution in their workplaces. Read more here.
Data of 500 thousand Zoom users were on sale on the dark web
In early April 2020, it became known that more than 500 thousand Zoom accounts appeared on the darknet, which were put up for sale. This data contains email addresses, passwords, URLs for organizing private meetings, as well as personal conference identifiers (a digital code that is used in certain cases).
The published data allows hackers to "zoom in" - this is a form of trolling in which an attacker places arbitrary content in other people's Zoom videoconferences, more often of an offensive nature. Recently, a virtual synagogue, a women's community and an Alcoholics Anonymous club have been at the crosshairs of trolls.
So, when attacking the club of anonymous alcoholics, the attackers inserted into the video voice-over with the words: "Drinking is so beautiful," and when attacking the synagogue - offensive anti-Semitic statements.
Cyble, a company specializing in, cyber security said that it managed to negotiate with hackers to acquire data from approximately 530 thousand accounts at a price of $0.002 per account ($1.6 thousand for the entire database). Many accounts are owned by organizations, including Citibank Chase and various educational institutions. At the same time, as it turned out, on some forums, some of the stolen data was offered for free.
This does not mean that Zoom was hacked - although at the beginning of 2020, after a sharp increase in the popularity of the service due to quarantines introduced in many countries, many complaints were made about its security. According to experts, hackers used previously stolen credentials in other services to hack accounts. According to statistics, logins and passwords obtained during hacker attacks on some services are in 0.1% of cases suitable on other sites.[10]
Ban on school lessons via Zoom in Singapore
In early April 2020, Singapore banned school lessons through Zoom after a series of "very serious incidents" in the first week of coronavirus quarantine. Read more here.
Courts in Ukraine allowed to hold meetings in Zoom
On April 10, 2020, it became known that Ukrainian courts were allowed to hold meetings via video link, including using the Zoom service. This innovation was adopted after the introduction of quarantine and transport restrictions in the country. Read more here.
Zoom app blocked on Google desktops
On April 8, 2020, Google announced the blocking of the Zoom video conferencing service on the computers of all employees of the company and explained its decision by concerns for data security.
Recently, our security service notified employees using the Zoom Desktop Client that the program will no longer work on corporate computers, since it does not meet our security standards for applications that our employees work with, Google spokesman Jose Castaneda quoted Reuters as saying. |
Google noted that the company is against employees using applications that are not part of the Google ecosystem to work. The company has its own Meet video calling service that competes with Zoom.
Google employees cannot communicate in the Zoom app installed on work computers, but can continue to use its mobile or web versions.
Google has joined the list of companies and government agencies, abandoning the use of the Zoom application, which became popular during quarantine due to the COVID-19 coronavirus. Zoom is used as for virtual gatherings for cocktails or coffee before corporate meetings and distance learning. In March 2020, the daily audience of the service exceeded 200 million people.
Taiwan authorities were the first at the state level to ban institutions from using Zoom. After the release of this order, the country's Ministry of Education introduced a ban on the use of Zoom in schools. It is expected that the example of Taiwan may be followed by the governments of other countries.
The German Foreign Ministry, in an internal circular for employees, restricted the use of the Zoom video conferencing app, attributing the decision to having security and data protection issues that make its use risky.[11]
New York schools abandon Zoom VKS service for fear of data drain
In early April 2020, schools in New York abandoned the use of the Zoom service for distance learning due to security issues in the video conferencing service. Instead, schools will switch to Microsoft services. Read more here.
As part of the Remote package from Tinkoff Mobile
On April 7, 2020, Tinkoff Mobile launched the Remote package offer with unlimited traffic for remote work applications - online services for working communication Zoom, Slack, Microsoft Teams, Skype, as well as project management service Trello. Read more here.
Testing DeviceLock DLP when using Zoom VKS and Skype messenger
On March 30, 2020, it became known that the company DeviceLock Russian , the developer of the anti-anti system, data breaches DeviceLock DLP conducted additional testing of its solution when using videoconferences Zoom and services. messenger Skype More. here
Ability to create an invitation link from the Microsoft Dynamics 365 CRM system using Korus CRM Messengers
On March 27, 2020, Corus Consulting GK "" announced that now users Microsoft Dynamics 365 can CRM create an invitation link to video in Zoom directly from the system interface and send it mail to or to any convenient participants messenger using the module. KORUS CRM - Messengers More. here
How to use Zoom safely? Check Point Tips
Due to the COVID-19 pandemic, more and more people are staying at home, rather than going to work or meeting with friends. Up to 50% of employees worldwide can now work remotely. Online communication platforms have become necessary for personal and business interaction with the rest of the world. One of the most popular such platforms is Zoom - it has about 20% of the global market.
As with any popular technology, there are risks along with the obvious benefits. In early 2020, the Check Point Research team already reported misuse of the app, where third parties could listen to other face-to-face meetings and conversations. This could lead to personal data leaks or corporate espionage.
How can I safely enjoy the benefits of Zoom? On March 26, 2020, the Check Point team discussed some recommendations:
1. Install updates in time
For security, Zoom software must be updated frequently. Updates that tech companies offer for their products not only add new options and features, but also fix bugs and detected security breaches, such as the ability to find and listen to appointments. It is important to understand that attackers' use of vulnerabilities is not eliminated after the company releases the update, but only after users install it on a specific device. Users who have not updated the software remain vulnerable.
2. Use your password to log in
Check Point experts examined Zoom conferences and showed that attackers can guess and infiltrate the numbers assigned to Zoom conference URLs. The violation occurred in conversations where no passwords were set. Zoom fixed the security flaw and adopted the Check Point recommendations. All scheduled appointments are automatically password protected. The requirement to provide a password before entering the conference, in addition to displaying the call number, provides sufficient security. In order to be fully protected, you need to pay attention to how we invite various participants to the meeting.
Along with the secure method, which involves sending the caller ID and password to call, there is a less secure option. This option uses the Invite button at the bottom of the screen, then Copy URL or Copy Invitation to send to someone you want to attach to the call. Since this link does not require a password, pay attention to whom and how it is provided. Anyone with a link can enter the call without showing an identification number or entering a password. It is also recommended to connect to Zoom via SSO (single sign-on) if your company has the ability to do so.
Another way to control those who enter the conversation is the Waiting Room option. The call administrator creates a "Waiting Room" through which members can join, but only after the administrator confirms them. You can do this from the Advanced Options drop-down menu if you want to schedule a call.
3. Manage the rights of callers
Even if you choose to use the less secure option of sharing links, you can prevent members from showing inappropriate content by restricting members from using the camera. The conversation administrator can decide who can use the camera and microphone by clicking Manage Participants.
4. Remember: what happens in Zoom does not remain only in Zoom
Zoom allows you to record video calls and export them as video files as soon as the call is over. This is a very useful tool if you want to share information with those who did not attend the meeting. The security issue that occurs when using this tool does not require explanation: since the participants in the conversation can export the recorded file, it can fall into the hands of intruders.
If you are discussing sensitive information, the administrator can decide which member can record the call. This can be done through the participant management window - click "Allow recording."
Also note that the participant can always record the conversation using external screen recording software. Always remember that you can be recorded.
After the call, if you were recording it, make sure you don't upload it to a shared platform, such as an information-sharing cloud that is open to other parties.
The Zoom platform offers many benefits for those who should work from home. But as with any tool, it's important to be aware of the risks and use the features available to you on the platform to communicate securely.
TrueConf Server Compatibility
On January 22, 2020, TrueConf announced the achievement of compatibility of the domestic TrueConf Server VKS system with popular cloud web conferencing platforms - Zoom, Cisco WebEx, BlueJeans Meetings and LifeSize Cloud. Integration will allow TrueConf users to connect to web conferences on foreign services in two clicks directly from TrueConf client applications. Read more here
2019
A vulnerability that allows you to eavesdrop on other people's conversations
On October 2, 2019, it became known that WebEx and Zoom are subject to the Prior-Eye enumeration (user enumeration) attack. Read more here.
Integration with ISpring Learn
On July 11, 2019, it became known that iSpring, a company for the development of applications and services for distance learning, announced the release of the integration of RESiSpring Learn with the webinar service - Zoom Meetings. Read more here.
Zoom Meetings Description
Zoom Meetings allows you to:
- Connect a virtual background and select an image to your liking (available on the iPhone);
- Enable display, and connect to collaboration;
- Use Zoom Meetings in safe driving mode or Apple Carplay
Features:
- HD video and -audio
- High quality video and audio for meetings with up to 1,000 attendees and 49 screens
- Secure connection
- End-to-end encryption for all meetings, user protection, waiting rooms, and visitor retention
- Modern planner
- Schedule or run appointments through Outlook, Gmail, iCal, Skype for business (microsoft lync), and more
- Meeting records
- The ability to record your meetings on local media or cloud, organize a database for searching for records
- Messenger for business
- Group chat, history search, built-in file sharing, 10-year archive.
- Collaboration Tools
- Multiple members can share their screens simultaneously and co-comment on them for a more interactive meeting
Zoom Cloud Meetings synchronizes with the calendar and provides high-quality communication from desktop computers and portable devices.
Zoom Business Chat
Built-in constant instant messaging makes it easier to share your workspace on both desktop and mobile. Create common and private workgroups, share files, screenshots, and easily search the attachment database.
Administration and Control
Centralized IT management and remote technical support simplifies the development and support process. It is possible to track dynamics and collect statistics, manage access levels for an account, group, and user level.
Notes
- ↑ Latest phishing campaign hits Zoom users with malware
- ↑ Zoom began to turn off access to paid video conferencing accounts for universities
- ↑ New Zoom vulnerability: you can hack a victim through a message
- ↑ Zoom backed down and allowed the Russian authorities and state-owned companies to use its connection. But under the new rules
- ↑ " Zoom will implement end-to-end encryption in four stages
- ↑ Group-IB discovers new scheme to steal money from Zoom users
- ↑ End-to-end encryption in Zoom will be available to all users
- ↑ Two previously unknown vulnerabilities in Zoom are for sale
- ↑ Larry Ellison Calls Zoom ‘Essential Service For Oracle’
- ↑ Researchers found and bought more than 500,000 Zoom passwords on the dark web for less than a cent each
- ↑ Google bans Zoom software from employee laptops