As reported by BleepingComputer, over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases given away for free. These credentials are gathered through credential stuffing attacks, in which threat actors attempt to log in to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers. Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in Zoom-bombing pranks and malicious activities; others are sold for less than a penny each.

Zoom users need to be certain that they haven't used the same password for Zoom as for their other online accounts. Hackers use very simple tools to re-use passwords that were stolen in separate data breaches, an attack known as 'password stuffing'. They are then able to quickly attempt to access all accounts that use the same email address as the user name. Zoom users must never use the same password anywhere else, and it is especially crucial that the same password is not used for their email account too, or the attacker would be able to send invites as the victim, making the attack even more dangerous.
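On the service side, the attack described above leaves a recognisable trace: one source tries many different user names, most attempts fail, and the few that succeed are the accounts that end up on the lists being sold. The following is an added example, not code from BleepingComputer or Zoom; the log format, thresholds and sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample auth log: timestamp, source IP, user name, outcome.
# The format and every value here are made up for this example.
SAMPLE_LOG = """\
2020-04-13T10:00:01Z 203.0.113.7 alice@example.com FAIL
2020-04-13T10:00:02Z 203.0.113.7 bob@example.com FAIL
2020-04-13T10:00:03Z 203.0.113.7 carol@example.com OK
2020-04-13T10:00:04Z 203.0.113.7 dave@example.com FAIL
2020-04-13T10:00:05Z 203.0.113.7 erin@example.com FAIL
2020-04-13T10:00:06Z 203.0.113.7 frank@example.com FAIL
2020-04-13T10:05:00Z 198.51.100.20 grace@example.com FAIL
2020-04-13T10:05:30Z 198.51.100.20 grace@example.com OK
2020-04-13T10:07:00Z 192.0.2.44 heidi@example.com OK
"""

def parse(log_text):
    """Yield (ip, username, succeeded) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue  # skip malformed lines instead of crashing
        _, ip, user, outcome = parts
        yield ip, user.lower(), outcome == "OK"

def detect_stuffing(log_text, min_users=5, max_success_ratio=0.3):
    """Return {ip: sorted user names that logged in OK} for suspect sources.

    A source is suspect when it tried at least `min_users` distinct user
    names and at most `max_success_ratio` of them logged in successfully.
    """
    attempted = defaultdict(set)  # ip -> distinct user names tried
    succeeded = defaultdict(set)  # ip -> user names with a successful login
    for ip, user, ok in parse(log_text):
        attempted[ip].add(user)
        if ok:
            succeeded[ip].add(user)
    flagged = {}
    for ip, users in attempted.items():
        ratio = len(succeeded[ip]) / len(users)
        if len(users) >= min_users and ratio <= max_success_ratio:
            flagged[ip] = sorted(succeeded[ip])
    return flagged

if __name__ == "__main__":
    for ip, accounts in detect_stuffing(SAMPLE_LOG).items():
        print(f"{ip}: suspected credential stuffing; force reset for {accounts}")
```

The accounts returned for a flagged source are the ones whose reused password worked, so they are the first candidates for a forced password reset and session revocation.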