Can Zoom be hacked easily?

Zoom is an application that allows you to make video calls in a very simple way with a few clicks. But the ease of using it can be costly for users. By costly, we mean it would be hacked, and all users' information would be stolen. Follow this article to see if it is possible to hack a Zoom account.

About Zoom

Until a few months ago, few people had heard the name Zoom, but today many people use it daily to communicate with people, from friends and relatives to colleagues. Zoom offers the easiest way to set up video sessions. The app, which focuses specifically on video conferencing, has grown significantly during the Coronavirus epidemic. Today, many people worldwide use it to communicate with their friends and colleagues; in some cases, we have even seen the use of the platform for weddings. The sudden increase in its  users has attracted a lot of attention to this application. Researchers and journalists have carefully studied it and have been able to find apparent weaknesses in the application in the areas of security and privacy. People slowly realize that using this app can be dangerous, and their information may be revealed on the web.

Why it is used widely

The main reason why so much attention is paid to zoom around the world is that the application provides 40-minute video sessions with a maximum of 100 participants for free. Using it is very simple; meetings can be started or joined in a short time. You do not need to log in to your account to make a video call in Zoom. In addition, the application interface is simple. To participate in the sessions, you can enter the ID of each session consisting of several numbers in the application. Then you can quickly join the meeting. The outbreak of the Coronavirus and the closure of companies and organizations have led many employees to telecommute. These people need Zoom, Slack, and Microsoft Thames to communicate with their colleagues. Statistics show that zoom users have increased more than other applications. Unlike other applications, it allows you to make calls straightforwardly. Some experts say that making calls through zoom is too simple, raising security and privacy concerns about the app.

What is zoo bombing?

One of the activities used many times in the web world since zoom became popular is "Zoombombing."  Zoom bombing  can be considered as a kind of cyber attack; Zoombombing is the process by which a profiteer relies on hacking video sessions made through the app. Many users have said that they witnessed strangers joining the session in the middle of the zoom session. By attending such meetings, these people harass users by doing things such as using offensive language, displaying immoral content, and so on; the people who are making these irritations on users are called "Zoombomber." According to a report by PC Media, the Zoomberbers reveal the IDs of the meetings held in Zoom in online forums so that anyone who wants can join them. In some cases, zoomberbers have even been seen recording videos of harassment of people and uploading them to social networks such as YouTube and TikTok.

How can people join the meetings on it without invitation?

As mentioned earlier, sessions in Zoom are pretty simple, using multi-digit IDs that are randomly generated by the application itself. So you do not need to enter a separate password to join video conferencing. This allows people to document meetings with which they have nothing to do and are not invited. Profiteers also take advantage of this opportunity and harass others. Researchers recently developed an automated tool that can find and extract about 100 zoom video session IDs in an hour. The device also can remove the entire data of approximately 2,400 zoom video sessions during one day of scanning. Researchers have developed the tool to show that finding session IDs is not particularly complicated and is practically workable. Zoom says passwords have been enabled by default in meetings since last year, and many people are reluctant to use them.

How safe is it to use it?

The problem which was mentioned earlier is not the only danger of using zoom. There is a section called Company Directory in the zoom settings section, where a security weakness has been found there; security weakness can reveal user images and emails. In addition, Zoom owners said in an official interview with The Intercept media that calls made through the app do not have end-to-end encryption. Following the media coverage of the zoom problems, the administrators of this application announced in a statement that they would not add any new features to it for the next 90 days; the zoom management team intends to work on improving the security capabilities of the application and fix the mentioned problems during this period.

Founded vulnerabilities on it

Researcher David Wells from the Tenable Security  was the first to find the source of the Zoom vulnerability. The bug caused hackers to take control of users' screens, send messages on their behalf, or block other participants from the conference. It cut off the service and fixed the bug immediately after David Wells' report to prevent possible attacks on the users. It also released a new update for the Windows, Mac, and Linux operating systems. However, users must manually update their software to avoid such attacks.

The hacker must send commands in the User Data Entry Agreement (UDP) to control the user's screen. This software bug then mistakenly allowed the hacker to access and execute its commands. After the hacker took complete control of the victim, it could infect the computer with various viruses and malware. According to a report on the Zoom website, more than 750,000 companies are using Zoom. This means that if the bug was not detected, hackers could have done a lot of damages to large global organizations. But thanks to David Wells, Zoom survived.

Google has banned the use of this app due to security issues for its employees.

Google has issued a statement banning this app for video conferencing for its employees. Since the epidemic of Covid-19 started, many people worldwide have had to stay at home, so the number of users of this application has increased dramatically. There has always been news about the low quality of this application's security. The announcement of banning the use of the Zoom application was also due to its common security. Google has sent an email to its employees informing them of the ban on using this application, and also noted that if employees have installed this application on devices provided by Google, it will soon be impossible to use it. Google has offered a service for video conferencing called Google meet instead of Zoom.

Why do people still use it?

Despite all the problems we have mentioned, people are still very interested in using zoom; because it is easy to work with and different services are available to everyone for free; Zoom subscribers can also upload video sessions to the company's cloud servers. Zoom competitors are well aware of its high popularity and have taken steps to challenge it. Microsoft's latest move in this area is the launch of the Skype Meet Now service for the general public. Meet Now is a free service with many features that allow users to call each other through this application without registering on Skype or even downloading it. But still, many people are using Zoom because they find it more comfortable and easier to be used.

Zoom's competitors

There are several alternatives to zoom, and each of them offers several benefits to users.  Several of these applications have made some of their features available to users for free. On the other hand, some of them, such as Google Duo, have increased the number of people participating in video conferences. Video-based apps, incredibly Zoom, have had significant success in the dark days of the Earth due to corona outbreaks. Statistics show that the popularity of Zoom and similar applications are increasing day by day. As the popularity of these applications grows, the concerns about their security grow too.