Zoom fixed a vanity URL issue that could have led to phishing attacks

blank

Zoom says it has fixed a security issue that would have let hackers manipulate organizations’ custom URLs for the service and send legitimate-seeming meeting invitations. If a victim accepted the invitation and attended the meeting, the phony caller may have been able to inject malware into their device or carry out a phishing attack.

Hackers could have taken advantage of the exploit in two ways. One involved changing a vanity URL (i.e. http://[whatever].zoom.com) to include a direct link to a phony meeting. The other centered around targeting an organization’s own Zoom web interface, and urging a victim to enter their meeting ID into a malicious vanity URL instead. A video shared by Zoom and Check Point Research, which helped identify and resolve the issue, shows how the exploit worked.

Subscribe to the E-Crypto Newsletter

Sign up to the best of Crypto, Blockchain and Future Trends news.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
bitcoin
Bitcoin (BTC) $ 18,244.71
ethereum
Ethereum (ETH) $ 588.70
ripple
XRP (XRP) $ 0.536818
tether
Tether (USDT) $ 0.998486
chainlink
Chainlink (LINK) $ 14.77
litecoin
Litecoin (LTC) $ 85.97
bitcoin-cash
Bitcoin Cash (BCH) $ 305.95
polkadot
Polkadot (DOT) $ 5.64
cardano
Cardano (ADA) $ 0.149170
binancecoin
Binance Coin (BNB) $ 30.00