AboutPricing
Log inFree Trial!
Back to Blog
Hack

Zoom Allowed Hacker Access to Meetings Within Minutes

11.10.20

Zoom, the popular video meeting service that has upstaged skype in popularity in recent months, allowed several people to enter a private zoom meeting that included the UK Prime Minister and several cabinet members.


Zoom Allowed Hacker Access to Meetings Within Minutes

 

October 7, 2020


Zoom, the popular video meeting service that has upstaged skype in popularity in recent months, allowed several people to enter a private zoom meeting that included the UK Prime Minister and several cabinet members. 

 

How did this happen? The UK Prime Minister, Boris Johnson, tweeted out a screenshot of the private zoom meeting. You might think that this simple tweet was harmless. However, unfortunately, this was not so. The tweeted screenshot included the meeting identification number. This allows users to try to join the meeting. The only safe wall in place was a password-protected meeting. As some of you may know, in order to access a Zoom Meeting, you may be asked for a password. Thankfully, the password was not tweeted as well. 

 

Tom Anthony, an ethical hacker, noted that Zoom has default passwords set as having six digits and numeric. Anthony pointed out that this would result in approximately 1 million password possibilities. 

 

Anthony explains in his experience that, "A fairly standard principle of password security is to rate limit password attempts, to prevent an attacker from iterating over a list of candidate passwords and trying them all. I assumed that Zoom would be doing this, but decided to double-check."

The findings were shocking. Anthony noted that there was not a limit as to how many password attempts were possible, allowing for the approximately 1 million passwords noted as a possibility. Anthony notified Zoom on April 1st with this information, and a little over a week later, on April 9th, Zoom fixed the potential security risk.

 

Errors like these are possible in any workplace, even during a cabinet meeting with the UK's Prime Minister. However, we rely on safe walls in place by the software/ applications we use to protect us in an emergency. If you find yourself the victim of a hack similar to the one that UK Prime Minister Boris Johnson has, Synergy Infosec is readily available at all hours to help with your security needs.

Protect & Conquer

The first thing any company should think of is protecting their business. Our cybersecurity scanners and tools will protect your business product, so you can focus on conquering the market and leaving your competitors far behind!

Read more
FAQBlog
Subscribe

Sign up to receive our security newsletters