Connect with us

Hi, what are you looking for?

Tech & Science

New malware threat aimed at Zoom users

In this recent wave of attacks, the malicious code was disguised as a Zoom installer file.

Zoom in operation. Image: © Tim Sandle
Zoom in operation. Image: © Tim Sandle

IcedID malware recently targeted Zoom users. IcedID, also known as BokBot, is a banking trojan that enables attackers to steal victims’ banking credentials. IcedID is a modular banking trojan that targets user financial information and is capable of acting as a dropper for other malware.

In this recent wave of attacks, the malicious code was disguised as a Zoom installer file in order to be opened in error. Once activated, the code functions to maliciously steal banking credentials from businesses.

Zoom as an application is secure. End-to-end Encryption, when enabled, ensures that communication between all meeting participants in a given meeting is encrypted using cryptographic keys known only to the devices of those participants. However, risks can arise from third party applications or emails.

Zoom also has the facility for two-factor authentication to be enabled, as a tool to enable users to further protect their accounts.

This situation demonstrates one of the challenges and vulnerabilities of video conferencing platforms. This comes at a time when video conferencing are now considered a mission critical application for many business units.

George Waller, co-founder and CEO of Zerify tells Digital Journal that he believes hackers are determined to succeed in their phishing attacks and are using video conferencing platforms as a means to their end.

Waller explains: “Video conferencing is a key organizational tool that companies use daily for communications with employees, customers business partners, clients and other contacts essential to the business.”

He adds: “This Zoom phishing attack is just another example of how easy it is to breach existing corporate defenses and install malware onto a corporate network. Once malware is installed, all sorts of havoc can ensue — from ransomware to exploiting a computer’s camera, microphone, keyboard and clipboard and stealing desktop screenshots.”

In terms of those operating behind the scenes, Waller observes: “Hackers who employ malware are persistent, and they’re determined and often successful at getting their malware on your endpoint. Therefore, it is crucial to take a proactive approach and lock down their endpoint computers knowing that malware steals sensitive user data and corporate and confidential information.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

The first crewed mission was scheduled to launch in April but will now likely take place sometime this summer.

Tech & Science

Artificial Intelligence is having a significant impact on industries and will continue to shape the way we live and work.


Elon Musk has put the value of his Twitter platform at $20 billion, less than half what he paid for it five months earlier...

Tech & Science

Referred to as the Laguerre–Gauss beam, the light travels through this empty space without interacting with the filament.