The new Zoom threat is created in such a way that a specially designed and compromised message is sent to innocent victims by hackers. This will lead to hackers implanting malicious code on the victim’s device and launching spyware and malware attacks.
Zoom malware attack
Hackers are using the Zoom video platform to inject malware into the victim’s machine. The worrying part of the threat is that it doesn’t need users to interact with online fraudsters. The only thing that is needed for hackers is to execute the malware and spyware on your devices be it Android, iPhone, Windows or anything. This was highlighted by Google Project Zero security researcher Ivan Fratic.
“This report describes a vulnerability chain that enables a malicious user to compromise another user over Zoom chat. User interaction is not required for a successful attack. The only ability an attacker need is to be able to send messages to the victim over Zoom chat over XMPP protocol,” said Fratic.
How to escape the Zoom threat?
Zoom has marked this threat as a ‘high’ severity threat. Using the Common Vulnerability Scoring System (CVSS) model, Zoom has given it an 8.1 score out of 10. This will affect all supporting platforms, including Windows, macOS, Android, iPhone and others. This is a serious concern.
It is advisable for all Zoom customers to download the latest update V5.10.0 and stay away from clicking any malicious links or text messages.