Zoom meeting codes leaked on public forum

April 6, 2020
min read

A website called Zoom Leaks advertises itself as a public forum used to share session codes, on the popular live conference software zoom.us. We found that site members post meeting IDs for unsecured Zoom meetings.

Zoom Leaks HomepageThe forum currently has codes for AA meetings, school classes, and even religious meetups.

Zoom codes for different types of meetings

The forum also claims that they have access to Zoom servers and have thousands of Zoom codes that will be released on their Discord channel: gg/3deQgE. It is also notable that most users are sharing the codes via Discord and not directly on the forum.

Zoom meeting IDs and passwordsWhile there’s not much clarity on how these details were leaked, we suspect that the recently disclosed vulnerabilities such as: one bug that allowed uninvited guests to join meetings , and another UNC path injection bug that let attackers steal Windows login credentials, could have been exploited.

In response, Zoom has released patches for these vulnerabilities and has promised weekly webinars to provide privacy and security guidelines.

No items found.