Vice Motherboard reports that cybercriminals are currently selling two exploits for 0-day Zoom vulnerabilities that allow attackers to hack users and monitor their calls. One exploit is for Windows and one is for macOS.
Three of the magazine's own sources described the exploits. The sources themselves did not see the exploit code, but vulnerability brokers contacted them and offered this “product” for sale. The journalists point out that interest in Zoom 0-day vulnerabilities has grown significantly, as the coronavirus pandemic has forced millions of people around the world, including employees and executives of large companies, to use Zoom for confidential meetings.
“As far as I know, there are two zero-day vulnerabilities for Zoom. <...> One of them affects OS X, and the other Windows,” Adriel Desautels, the founder of Netragard, which previously also sold vulnerabilities, told the magazine. “I don’t think they will have a long ‘life span’, because when 0-days are exploited, it shows up.”
Two other independent sources, who chose to remain anonymous, also confirmed the existence of two exploits on the market. One of them says that the Windows exploit targets a pure RCE vulnerability, that is, a flaw that allows remote execution of arbitrary code, which makes it ideal for industrial espionage. The macOS exploit, by contrast, is not RCE, according to the same sources.
Also, according to one of the sources, who is engaged in acquiring exploits but decided not to buy this particular one, the attackers are currently asking $500,000 for the Windows exploit.
However, according to him, the exploit is really worth hardly half of that amount, because using the vulnerability comes with an important caveat: the attacker has to participate in the call together with the target. For intelligence services, which prefer covert surveillance, the vulnerability is therefore likely to be practically useless.
“Zoom takes user safety very seriously. After we heard about these rumors, we worked with a reputable industry leader to investigate these reports. To date, we have not found any evidence of these claims,” Zoom representatives told Vice Motherboard.
Let me remind you that as Zoom gained popularity, it also began to rapidly lose its reputation: for example, code that allowed Facebook to track users was only recently removed from the application. NASA, SpaceX, and Google employees were prohibited from using Zoom. Exploits for sale are another proof of the unreliability of the application.