Vanity URL: Newly discovered Zoom vulnerability

July 23, 2020
zoom vulnerability vanity URL flaw exploit

A cybersecurity researcher has recently discovered a flaw in Zoom conferencing software. The newly discovered Zoom vulnerability is relatively minor but it is easy to exploit the flaw. This flaw can allow mimicking an Organization and would trick employees divulging their personal and confidential information by using Social Engineering.

As we all know, Zoom’s popularity has skyrocketed because of the current pandemic situation. Organizations have shifted to remote working setup, as well as Universities, High-level Government, Business meetings, and School classes, and Zoom is one of the go-to-meeting platforms that is being used worldwide. It has been reported that there are 10 million daily users of Zoom back in December 2019 and has since soared to 300 million in April 2020.

The vulnerability is found in the customizable URL of Zoom and also known as Vanity URL. This aims to help the Organization create a customized URL on its subdomain and landing page, such as “YourOrganization.zoom.us.”

A cybercriminal can exploit this kind of vulnerability to successfully deliver a Phishing activity if this will not be fixed by Zoom.

In this scenario, cybercriminals can customize the Vanity URL capability. In setting up the meeting, they can modify the URL to add a registered sub-domain. For instance, the original Zoom invitation link is https://zoom.us/j/8942214766; they can change it to https://YourOrganization.zoom.us/j/8942214766. Aside from this, they can also make another layer of victim deception by adding the target Organization’s logo when entering the fake invitation link.

Using the Organization’s dedicated Web User Interface for Zoom is another way of entering a meeting.

zoom vulnerability vanity url image 1

 

Once a user enters the site and clicks on the Join button, the below screen appears:

zoom vulnerability vanity url image 2

 

The victim will enter the meeting ID unknowingly if it’s scheduled initially from the Organization or not.

It’s refreshing and assuring this security has been fixed by Zoom, so the exploit described is no longer possible.

 

To secure your Organization from known Zoom vulnerability, try to consider the following preventive measures:

  • Keep up to date. Updates that IT companies make for their software doesn’t only provide new options or features, but it also addresses bugs and security issues that were discovered on the old versions.
  • Employee awareness of essential cybersecurity. It has been reported that 90% of cyberattacks arises through phishing emails. Informed employees will provide another layer of protection in your Organization.

You may read more tips and preventive measures from one of our articles about Zoom Bombing: https://izoologic.com/2020/04/12/zoom-bombing/

 

 

About the author

Leave a Reply