Sep 26 — If you land on a Zoom website that looks unfamiliar, it may be one of six fake Zoom sites created by a cyber criminal gang. The fake pages attempt to persuade people to download malware that can steal banking data, IP addresses and other information.
This appears to be part of a wider hacker-led info-stealing effort. Often, hackers run multiple info-stealing campaigns simultaneously in order to increase reach and to maximize profits.
Cyber criminals commonly impersonate brands with broad user groups. Amidst the coronavirus pandemic, Zoom’s user-base increased tremendously, turning the company into an attractive target for cyber criminals.
Cyber security researchers point out that stealer logs can provide access to valuable endpoints, and that this access is sold in cyber crime marketplaces.
Initial access to an organization enables cyber attackers to pursue further nefarious activities, ranging from ransomware deployment to intellectual property theft.
Experts recommend that enterprises and individuals avoid the malware in the Zoom spoofing campaign by:
- Implementing multi-factor authentication
- Ensuring automatic updates of systems
- Training employees to avoid clicking on untrusted links
- Requiring strong passwords
- Not downloading pirated software
Organizations may also wish to monitor network beacons to detect and stop data exfiltration by hackers.
For more on this story, visit The Register.