Zoom fixed a vanity URL issue that could have led to phishing attacks

Zoom says it has fixed a security issue that would have let hackers manipulate organizations’ custom URLs for the service and send legitimate-seeming meeting invitations. If a victim accepted the invitation and attended the meeting, the phony caller may have been able to inject malware into their device or carry out a phishing attack.

Hackers could have taken advantage of the exploit in two ways. One involved changing a vanity URL (i.e. http://[whatever].zoom.com) to include a direct link to a phony meeting. The other centered around targeting an organization’s own Zoom web interface, and urging a victim to enter their meeting ID into a malicious vanity URL instead. A video shared by Zoom and Check Point Research, which helped identify and resolve the issue, shows how the exploit worked.

bitcoin
Bitcoin (BTC) $ 45,711.00
ethereum
Ethereum (ETH) $ 1,411.97
cardano
Cardano (ADA) $ 1.22
tether
Tether (USDT) $ 0.995998
binance-coin
Binance Coin (BNB) $ 216.94
polkadot
Polkadot (DOT) $ 30.45
xrp
XRP (XRP) $ 0.425205
litecoin
Litecoin (LTC) $ 168.48
chainlink
Chainlink (LINK) $ 24.55
bitcoin-cash
Bitcoin Cash (BCH) $ 481.31