Zoom fixed a vanity URL issue that could have led to phishing attacks

0

Zoom says it has fixed a security issue that would have let hackers manipulate organizations’ custom URLs for the service and send legitimate-seeming meeting invitations. If a victim accepted the invitation and attended the meeting, the phony caller may have been able to inject malware into their device or carry out a phishing attack.

Hackers could have taken advantage of the exploit in two ways. One involved changing a vanity URL (i.e. http://[whatever].zoom.com) to include a direct link to a phony meeting. The other centered around targeting an organization’s own Zoom web interface, and urging a victim to enter their meeting ID into a malicious vanity URL instead. A video shared by Zoom and Check Point Research, which helped identify and resolve the issue, shows how the exploit worked.

Subscribe to the E-Crypto Newsletter

Sign up to the best of Crypto, Blockchain and Future Trends news.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.

Leave A Reply

Your email address will not be published.

bitcoin
Bitcoin (BTC) $ 11,808.14
ethereum
Ethereum (ETH) $ 395.00
ripple
XRP (XRP) $ 0.304332
tether
Tether (USDT) $ 1.00
bitcoin-cash
Bitcoin Cash (BCH) $ 314.19
cardano
Cardano (ADA) $ 0.145850
bitcoin-cash-sv
Bitcoin SV (BSV) $ 236.62
chainlink
ChainLink (LINK) $ 10.11
litecoin
Litecoin (LTC) $ 59.31
binancecoin
Binance Coin (BNB) $ 22.73