Zoom fixed a vanity URL issue that could have led to phishing attacks

Zoom says it has fixed a security issue that would have let hackers manipulate organizations’ custom URLs for the service and send legitimate-seeming meeting invitations. If a victim accepted the invitation and attended the meeting, the phony caller may have been able to inject malware into their device or carry out a phishing attack.

Hackers could have taken advantage of the exploit in two ways. One involved changing a vanity URL (i.e. http://[whatever].zoom.com) to include a direct link to a phony meeting. The other centered around targeting an organization’s own Zoom web interface, and urging a victim to enter their meeting ID into a malicious vanity URL instead. A video shared by Zoom and Check Point Research, which helped identify and resolve the issue, shows how the exploit worked.

bitcoin
Bitcoin (BTC) $ 53,703.00
ethereum
Ethereum (ETH) $ 2,765.74
binance-coin
Binance Coin (BNB) $ 589.59
xrp
XRP (XRP) $ 1.40
tether
Tether (USDT) $ 0.998645
cardano
Cardano (ADA) $ 1.35
dogecoin
Dogecoin (DOGE) $ 0.309558
polkadot
Polkadot (DOT) $ 33.69
uniswap
Uniswap (UNI) $ 41.03
litecoin
Litecoin (LTC) $ 255.24