Trusted

Researchers Find Flaw That Allows Hackers Join Zoom Calls Uninvited

2 mins
By
Updated by
Join our Trading Community on Telegram
Popular teleconferencing platform Zoom is the latest tech company with a security flaw. A new research report has exposed a vulnerability that could offer access to video calls made on the platform.

Hackers Could Guess Meeting IDs and Join Calls

The report was compiled by the cybersecurity firm Check Point Research. The firm explained that all the video calls have an inherent flaw that could allow hackers to join calls without being invited and also access any files or information that is being shared throughout the call. Every call made on Zoom has a number, between 9 and 11 digits long, that is randomly generated and used as an address for participants. Check Point’s researchers were able to predict valid meetings about 4 percent of the time, Yanks Balmas, the Head of Cyber Research at Check Point, explained in the report. “It was sort of like Zoom roulette. The implications would be, if you’re having a video chat and have multiple members joining, you may not notice if someone who isn’t supposed to be there is sitting there listening to you,” he explained. Since a Zoom call can accommodate tens of thousands of participants with limited screening measures, attackers could easily sneak into calls and eavesdrop on the entire conversation. Zoom

Zoom’s Mitigation Steps

Check Point explained that after reporting the issue to Zoom Communications, the firm replaced the randomized ID number, added passwords for meetings and disabled the ability to scan for meetings randomly. Going forward, Zoom will also stop showing the validity of a meeting ID whenever a user loads a page. Instead, the page will load and launch an attempt to join the meeting, thus preventing hackers from easily moving through the available pool of meeting IDs. Repeated attempts to scan for IDs will also lead to the device itself being temporarily blocked from the service. The news is coming on the heels of a recently announced update to the Zoom Phone. The cloud-calling platform was introduced last April by the firm, and in the new update, it added improved contact center integration and expanded on phones using 5G Moto Mod, and the Samsung Galaxy S10 series.
Images are courtesy of Shutterstock, Twitter, Pixabay.
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Sponsored
Sponsored