REUTERS/ Albert Gea
- An online tool automatically discovers Zoom meetings - including private ones - and hackers are using it to troll people.
- The practice of "Zoom-bombing" is becoming increasingly widespread, as trolls barge into video conferences uninvited to offend or annoy strangers.
- The only way to ensure your Zoom meeting is safe is to set up a password. Here's how.
- Visit Business Insider's homepage for more stories.
As the coronavirus outbreak forces hundreds of millions of people to stay home, meetings have moved to online video conferences en masse using platforms like Zoom. But hackers have spotted an opportunity.
Zoom, which ballooned from 10 million users in December to over 200 million users today, is increasingly a target for trolls. "Zoom bombing" is becoming widespread, with intruders joining meetings uninvited to pester classrooms, events, and even Alcoholics Anonymous meetings.
The FBI has even issued a warning about Zoom bombing, advising people to up their security to avoid the attacks. Zoom announced on Thursday that it would put a 90-day freeze on new features in order to focus on bolstering the platform's security.
In order to find Zoom calls to join without an invite, hackers are using an online tool called zWarDial, according to a new report from cybersecurity researcher Brian Krebs. Every Zoom meeting has a unique meeting ID, and zWarDial is an automated tool that guesses IDs until it finds one that works. If there's no password on a meeting, the intruder will be instantly added to the call.
The only way to protect against such intruders is to set a password for the meeting. While Zoom says passwords are now enabled by default for new users, enterprise clients like schools and businesses may not have this setting enabled.
Zoom
Zoom users can turn on password requirements on the Zoom settings page.