Cloud meetings are one of the trending concepts these days. As more and more organizations switch to remote interactions and communications, zoom cloud meeting, a cloud-based web application has gained tremendous popularity. However, as much as the concept seems fascinating, the backend infrastructure of Zoom isn’t secure and prone to hacks.
Probably, this is why the organization has received a series of accusations, not to mention the trailing trust issues. While the company assures you of their competent solution, none of their justifications stand through the inadequate and vulnerable software. As so it appears, the company has made a series of apologies to account for the mishaps. Yet, the ongoing events tend to speak a different story.
zWar: Tool To Counter-Strike False Justifications By Zoom
An independent cyber security researcher Trent Lo collaborated with the members of SecKC in the USA to build a tool namely, zWarDial. This tool employs the method of war dialing to breach Zoom meetings and exploit information. The intent behind the creation of the tool was to pry open the vulnerabilities and security gaps in the software.
What is War Dialing?
In case you are familiar with the brute force method of attacking, you might easily understand what war dialing means. In simple terms, war dialing is a technique where the hacker’s dial series of numbers quickly. Services that lack significant protection protocols are vulnerable to such forms of attack. Here, a string of numbers is used as the ID to get into the system.
zWarDial is the tool that helps track down the ID of zoom meetings and breach in the system illegally. As so it appeared, zWarDial was successful in accessing ID’s and compromise the security. This way, the team proved the inefficiency of the zoom platform, defying all that’s been said by the company.
Before reaching the peak of success, Zoom proudly announced that they have fixed all security points to prevent Brute Force attack. However, zWarDial seems to nullify this claim using Tor to route his traffic access.
Another statement by the company was that mandated password protection for meetings. Surprisingly, zWarDial traced several meetings that were open and breaching the same was pretty easy.
Testing the tool, it was seen that zWarDial traced around 110 ongoing Zoom meetings in a single hour. On the whole, the software can intrude more than 2,000 Zoom meetings in a single day across the globe. The success rate of zWarDial is 14% and seeing the popularity of zoom, this figure exposes a huge amount of data, questioning the credibility of the system.
As of now, the company has freezed all of its offerings with the pledge to come back with a robust and secured portal. Let’s see if this time their claims justify the cause.