At the time when people are forced to work from home due to the Cornavirus pandemic and online communication platforms such as Zoom became extremely popular, especially in India which is currently following the lockdown measures, hackers are taking advantage of the spike in usage by registering new fake Zoom domains and malicious Zoom executable files in an attempt to trick people to download malware on their systems.
A recently published report has revealed that more than 1,700 new Zoom domains have been registered since the virus hit the world. It also revealed that 25 percent of these domains got registered in the past seven days alone.
The favourite communication app during Coronavirus pandemic
Zoom has become the most popular cloud-based communication platform with more than 74,000 customers and 13 million monthly active users. It offers video and audio conferencing, as well as options to host webinars and virtual meetings online. Recently, after the Coronavirus forced millions of people to stay at home and carry out daily office works from their residents, the popularity of Zoom has shot up.
Omer Dembinsky, Manager of Cyber Research at Check Point said the recently researchers have noticed a sharp rise in the number of Zoom domains registration, especially in the last week. He added, "The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced, and they see it as an opportunity to deceive, lure, and exploit. Each time you get a Zoom link or document messaged or forwarded to you, I'd take an extra look to make sure it's not a trap."
This report comes after a rise in the number of malicious coronavirus-related domains, with threat actors finding new ways to take advantage of the global health concern to launch a variety of malware attacks, such as phishing campaigns, and create scam sites as well as malicious tracker apps.
As per the threat report, the Check Point researchers also found malicious files, entitled with "zoom-us-zoom_##########.exe," which when executed, installed potentially unwanted programs, also known as PUPs, such as InstallCore, which is a dodgy bundleware application that is capable of installing other kinds of malware. The security experts also detected phishing sites disguised as Google Classroom (e.g., googloclassroom.com and googieclassroom.com) website to trick users into downloading malware.
In 2019, Zoom fixed a vulnerability that could let websites take control over users' webcam and "forcibly" join them to a Zoom call without their consent. Even earlier in January 2020, the company removed another bug that could have allowed cybercriminals to guess a meeting ID and join an unprotected meeting, exposing private audios, videos and documents shared throughout the session. Upon understanding the issue, the company introduced default passwords for each meeting that users need to enter while joining by manually entering the meeting ID.
Zoom recently updated its iOS app after it was accused of sending device information and a unique advertiser identifier to social media platform Facebook, by using the platform's software development kit (SDKs).
Zoom dethroned WhatsApp and TikTok
Despite all these issues Zoom became the most popular app on Play Store after defeating WhatsApp, TikTok and Instagram. So far, it has over 50 million downloads on Play Store and the numbers are only going up. WhatsApp slipped to the fifth position. The messaging app with over 400 million users in India has always remained on the top two.
Zoom is one of those companies which made a huge profit due to the COVID-19 pandemic. As per Adweek, it's popularity led the company to be named as the king of quarantine economy.