Cyber criminals are proposing a $500,000 security breach that allows users of the Zoom video conferencing application to make available to the buyer.
It is clear then that these hackers have inevitably found zero-day flaws. For such a high price, it seems in all likelihood the security flaw is very important and that would allow to carry out rather severe actions against users of the application. In other words, the information that a person would have that security breach would have seems to be truly important. It is thought that it may not be certain personal information that would require direct contact with a user in order to obtain it or be the user himself. Maybe even more.
This article will also interest you: Data leak at Zoom
Since the rise of the Zoom video conferencing application, the problem has been pouring in on both sides. From 10 million users in late 2019 to 200 million in April 2019, it's a feat that few applications of its kind could boast. However, success is often a double-edged sword. Since March, Zoom has been tossed between security flaws and scandals, moving from the most popular application to the earlier-doubt-ing app. And it is very clear that an application that has grown rapidly has indeed attracted the attention of cyber criminals. Above all, the recent security and bug problems encountered by the videoconferencing application has inevitably put the chip in their ears. Currently, it is clear that cybersecurity experts have set out to dissect the application code in order to find a possible security flaw to monetize. At the beginning of april, this is confirmed. Indeed, the American site Motherboard, then revealed two zero day flaws on the Mac OS and Windows version of Zoom. And unfortunately as the flaws were not known to the app's editor, he was unable to make the necessary security fixes in time. And it would seem that so far these vulnerabilities are still running, so exploitable by cyber-evilrs.
However, by offering $500,000 to sell a vulnerability, we are thinking that not only is it important, but that the target sought here by cyber criminals is of a fairly high standard. According to some experts who have speculated on the issue, this may be a fairly critical security flaw that would allow hackers to remotely execute malicious code. In other words, a hacker who has access to such a flaw will be able to install malware on the target person's terminal. it will also be possible for the holders of this loophole to access the content of the terminal as a whole, the various conversations between users. In short, this could facilitate a kind of espionage.
It is clear that this will interest potential customers. The sum is certainly high but not at all exaggerated. It is common practice that a Zero Day fault can sell for up to $2 million. Well, it will also depend on the popularity of the system and what the flaw can serve. For the director of the research and analysis team of Russian cybersecurity company Kaspersky, Costlin Raiu it is clear that the price of the security flaw put up for sale is overvalued, however, he has no doubt that "people will surely pay. If many experts believe that the vulnerability should be up to half as expensive, it is because one of the essential conditions for its exploitation greatly limits its exploitation: the hacker must be on appeal with his victim. ».
On the other hand, the leaders of the video conferencing application have publicly announced that they are aware of the sale of the flaw in question. However, they admit that they have not yet been able to identify the flaws in question. They added that if people start exploiting this vulnerability, it will be possible to glean enough information to locate it.
If any software or computer program has Zero day flaws. This umpteenth problem risks tarnishing Zoom's image. Especially as the big names (Spacex, Google…) Have professionally asked their employees to stop using the tool in question.
Now access an unlimited number of passwords: