Hackers advertise critical Zoom Windows bug for $500,000

Two zero-days for Windows and MacOS are being sold, including an RCE flaw that paves the way for full PC takeover

Two critical vulnerabilities found in Zoom’s Windows and MacOS clients have been put up for sale by cyber criminals.

These zero-day flaws include a critical remote code execution (RCE) bug in the software’s Windows client that could allow an attacker to gain full control over the application. Hackers are marketing this particular vulnerability for $500,000, as reported by Motherboard.

This is in addition to a flaw in Zoom’s MacOS client, which isn’t an RCE bug and therefore less dangerous and more difficult to use in a real cyber attack, according to sources speaking with the publication.

The video conferencing software has received widespread attention from hackers in recent weeks given its meteoric rise in popularity and usage by both businesses and consumers.

Cyber criminals have also been keen to exploit the privacy and security storm that’s engulfed the company in recent weeks, which Zoom has recently made efforts to move past.

The increased interest in Zoom zero-days, which are unknown vulnerabilities in software or hardware that cyber criminals can exploit in attacks, chimes with the mass movement of workers and entire businesses to the platform.

“From what I've heard, there are two zero-day exploits in circulation for Zoom,” Netragard founder Adriel Desautels told Motherboard, which was corroborated by two additional anonymous sources.

“One affects OS X and the other Windows. I don't expect that these will have a particularly long shelf-life because when a zero-day gets used it gets discovered.”

The Windows zero-day is a “clean” RCE flaw, one of these sources added, which is ideal to be deployed in industrial espionage attacks. The vulnerability would allow hackers to access the app, although it would need to be combined with another bug exploit to access a victim’s entire machine.

The RCE bug may not appeal to all, and it's likely only useful for those conducting attacks that don't rely on stealth.

Zoom has made several changes in recent days in order to correct the path and restore a reputation that’s been soiled by persistent security issues. These have ranged from confused claims around end-to-end encryption, to a Facebook plugin that transmitted iOS users’ device data to the social network.

The company, for example, last week hired former Facebook chief security officer Alex Stamos as an external consultant. The company has also suspended development on the platform to free up staff and increase the number of those working on security and privacy fixes.

“Zoom takes user security extremely seriously. Since learning of these rumors, we have been working around the clock with a reputable, industry-leading security firm to investigate them,” the company said in a statement to Motherboard. “To date, we have not found any evidence substantiating these claims.”

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Chipotle’s marketing email hacked to send phishing emails
phishing

Chipotle’s marketing email hacked to send phishing emails

29 Jul 2021
Dark web ads offering access to corporate networks increase sevenfold
hacking

Dark web ads offering access to corporate networks increase sevenfold

28 Jul 2021
Number of hacking tools increasing as cyber criminals become more organized
hacking

Number of hacking tools increasing as cyber criminals become more organized

28 Jul 2021
Criminals target Discord to spread malware
live chat

Criminals target Discord to spread malware

26 Jul 2021

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021