Researchers discovered a cyber-criminal selling over 500,000 Zoom user accounts on a Darknet forum. The accounts ranged from being given away for free to less than a penny per account. According to the researchers, the accounts were not compromised through any sophisticated means but rather through credential stuffing. Credential stuffing involves criminals taking login details from other breaches and testing passwords against accounts on another system. Several of the owners of accounts that were being offered up online were contacted by Bleeping Computer and confirmed that the credentials listed for their account were correct.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in