Anonymous individuals are hijacking and disrupting Zoom video conferences held by schools and businesses, the US Federal Bureau of Investigation (FBI) has warned.
Having infiltrated the conference, hijackers are reportedly displaying pornographic, profane and hateful imagery to attendees. Some are doing so with the intention of posting videos to social media.
Cyberattacks of this variety have gained in popularity in recent weeks, as millions of students and employees turn to online video conferencing amid coronavirus quarantine mandates.
While the extent of damage caused by trolling attacks is comparatively minimal (as victims are not infected with any form of malware), disruption could take its toll on organisations already struggling to navigate the global crisis.
Zoom has experienced a sharp rise in traffic in recent weeks, with the app downloaded more than 50 million times on Google Play store alone. The company's market valuation, meanwhile, has rocketed to $42 billion – up from $16 billion in 2019.
The firm has issued patches for a series of vulnerabilities over the past year, some of which allowed attackers to discover and infiltrate insecure video conferences. However, recent reports suggest hijacking remains a widespread issue.
“The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” said a warning published by the intelligence body.
“As large numbers of people turn to video-teleconferencing (VTC) platforms to stay connected in the wake of the Covid-19 crisis, reports of VTC hijacking (also called ‘Zoom-bombing’) are emerging nationwide.”
In one such incident, an unknown individual joined an online class taking place over Zoom, shouted profanities and revealed the teacher’s personal address. In another case reported to the FBI, an unidentified conference attendee paraded a set of swastika tattoos.
Fast food chain Chipotle was also forced to abandon a Zoom call after an individual broadcasted pornography to the hundreds of participants in attendance.
To avoid incidents of this kind, the FBI has advised schools and businesses adhere to the following guidelines:
– Do not make meetings or classrooms public
– Do not share Zoom conference links on public social media
– Manage screen-sharing options
– Ensure users keep their Zoom clients up to date
– Ensure your organisation's telework policy addresses requirements for physical and information security
Via Bleeping Computer