Video Conferencing Zoom App is filled with Security Vulnerabilities


Video Conferencing Zoom App which allows employers to stay connected with their employees in work from home situations is in news for all wrong reasons. Security research has discovered two flaws in the Zoom App and stated that it allows hackers a chance to sneak into a user’s privacy via webcam or their microphone.


Patrick Wardle, a former NSA hacker was the guy who discovered the vulnerabilities in the remote working app. On one of his twitter posts, he stated that the first bug which he discovered allows the hackers to steal windows password while the other makes the hackers gain physical access to a Mac device by taking control of their webcam and a micro-phone- all by exploiting the flaws in the Zoom Installer which then gives root access to the threat actor allowing him/her to anonymously installing malware or spyware on the victimized device.


Throwing some light on the third bug Wardle said that it allowed a cyber crook to compromise the audio and video feeds of a Zoom- like intercepting the feed with some X rated stuff and such.


Zoom which boasts itself as a leader in offering modern-age enterprise video communication has taken note of flaws and might react as soon as the worldwide lockdown ends by this month-end…..hopefully!


Note 1- In Feb this year, Zoom had a daily download stats of just 17,000 which zoomed to 2.5 million by the end of March 2020.


Note 2- Zoom happens to be a San Jose based company that offers digital video conferencing services such as online meetings, chats, and mobile collaboration.


Note 3- This 2011 started company hit the milestone of 40 million users in late 2015 with a business subscription list of 65,000.


Note 4- To date, the company is reported to have hosted over 1 billion meeting minutes.


Note 5– The Company was sued by the US Federal Court for illegally leaking personal data of its users to companies like Facebook and Google in March 2020.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display