Video chat app Zoom zoomed to fame with the ongoing lockdown in several countries across the globe to curb the spread of Coronavirus. Almost simultaneously with its rise, several cyber security and privacy loopholes were discovered in the app.
Now, a new report indicates that the exploits from hacking of the app are now being sold on the darkest corners of the Internet - the Dark Web. The exploits are a result of all the vulnerabilities of the app - ranging from those in webcam to microphone to all the incorporated data in between, including the passwords, emails and device information. A recent Motherboard interview with a hacker reveals that these exploits are now being sold on the Dark Web. The hacker claims to have been a part of the trade himself. As per the interview, the hacker traded exploits found in Zoom on the black market. The hacker also mentions that such Zoom flaws typically sell for between $5,000 (Rs 3.8 lakh) to $30,000 (Rs 22.8 lakh). That, however, is not the idle price for some of the other exploits sold on the Dark Web.
In addition, the app has exposed LinkedIn profiles and has been found with a “malware-like” installer for macOS. The app now faces a lawsuit in the US District Court for the Northern District of California for a lack of end-to-end encryption and disclosure of the vulnerabilities to its users. The app has also been banned by Google for its employees.