Connect with us

Hi, what are you looking for?

Tech & Science

New malware threat aimed at Zoom users

In this recent wave of attacks, the malicious code was disguised as a Zoom installer file.

Zoom in operation. Image: © Tim Sandle
Zoom in operation. Image: © Tim Sandle

IcedID malware recently targeted Zoom users. IcedID, also known as BokBot, is a banking trojan that enables attackers to steal victims’ banking credentials. IcedID is a modular banking trojan that targets user financial information and is capable of acting as a dropper for other malware.

In this recent wave of attacks, the malicious code was disguised as a Zoom installer file in order to be opened in error. Once activated, the code functions to maliciously steal banking credentials from businesses.

Zoom as an application is secure. End-to-end Encryption, when enabled, ensures that communication between all meeting participants in a given meeting is encrypted using cryptographic keys known only to the devices of those participants. However, risks can arise from third party applications or emails.

Zoom also has the facility for two-factor authentication to be enabled, as a tool to enable users to further protect their accounts.

This situation demonstrates one of the challenges and vulnerabilities of video conferencing platforms. This comes at a time when video conferencing are now considered a mission critical application for many business units.

George Waller, co-founder and CEO of Zerify tells Digital Journal that he believes hackers are determined to succeed in their phishing attacks and are using video conferencing platforms as a means to their end.

Waller explains: “Video conferencing is a key organizational tool that companies use daily for communications with employees, customers business partners, clients and other contacts essential to the business.”

He adds: “This Zoom phishing attack is just another example of how easy it is to breach existing corporate defenses and install malware onto a corporate network. Once malware is installed, all sorts of havoc can ensue — from ransomware to exploiting a computer’s camera, microphone, keyboard and clipboard and stealing desktop screenshots.”

In terms of those operating behind the scenes, Waller observes: “Hackers who employ malware are persistent, and they’re determined and often successful at getting their malware on your endpoint. Therefore, it is crucial to take a proactive approach and lock down their endpoint computers knowing that malware steals sensitive user data and corporate and confidential information.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Entertainment

Liam Hemsworth as Owen Brophy in 'Lonely Planet.' Photo Credit: Hilary Bronwyn Gayle, Netflix.Australian actor Liam Hemsworth stars in the new movie “Lonely Planet”...

Business

The European Central Bank is expected to lower interest rates again this week.

Business

Many professionals do not realise that just by working in certain industries, their personal data—emails, passwords, financial details—can be compromised.

Life

The planned sale of France's best-selling medical drug to US investors has caused the government a splitting headache.