Security News

Zoom flaw is Windows security risk

Avast Security News Team, 3 April 2020

Plus, some governments use cell phone data to track virus carriers and the U.S. considers more Wi-Fi access for all

Researchers discovered a flaw in the Zoom chat feature that could allow attackers to steal users’ Windows login credentials. Over the past month, as much of the population began working from home and discontinuing social gatherings, the number of Zoom video conferences has skyrocketed. Since 2020 began, 2 million new users have signed up with the service. People all over the world are using Zoom on a daily basis for work meetings, school sessions, social hours, and casual video chats. The sudden surge, however, has brought to light several privacy and security issues with Zoom protocol. 

The latest vulnerability puts Zoom users on Windows systems at risk if they use the chat feature to view shared files. Bleeping Computer reported that when users share a file through the Zoom chat, Zoom converts that file to a hyperlink. When other users click that link, they are connected to a remote site to see the file. At the same time, their Windows login name and password are transmitted in the metadata. The password is hashed, but it easily can be cracked by a savvy hacker. Researchers at Bleeping Computer walked through the process and cracked the password within 16 seconds. Zoom has acknowledged the vulnerability and said they are working to address the issue. Avast security evangelist Luis Corrons applauds the quick efforts Zoom has made to mitigate the problems. “Vulnerabilities are found in all kinds of software,” noted Corrons. “The important thing is how the company behind the program reacts. In this respect, Zoom has stepped up to fix vulnerabilities and focus on the safety of their users.” Zoom founder and CEO Eric S. Yuan posted a message to users yesterday explaining the measures the company is taking.   

FCC will vote on widening Wi-Fi spectrum

The United States Federal Communications Commission will vote later this month on new rules that would allow unlicensed devices – namely, private home routers – to operate in the 6 GHz band. “Cisco projects that nearly 60% of global mobile data traffic will be off-loaded to Wi-Fi by 2022,” commented FCC Chairman Ajit Pai. “To accommodate that increase in Wi-Fi demand, the FCC is aiming to increase the supply of Wi-Fi spectrum with our boldest initiative yet: making the entire 6 GHz band available for unlicensed use.” The move would increase the spectrum available for Wi-Fi almost by a factor of five. “This would be a huge benefit to consumers and innovators alike,” Pai added. “It would be another step toward increasing the capacity of our country’s networks.”

This week’s stat

400 million – that’s how many Marriott guests had their personal information stolen in the hotel chain’s 2018 data breach.

Over 5 million at risk in new Marriott data breach 

International hotel chain Marriott, which counts the W Hotel, Sheraton, and Courtyard among its brands, announced this week that an unauthorized user exploited the login credentials of two employees back in January and February this year, accessing information on more than 5 million guests. The hacked data includes names, birth dates, mailing addresses, and loyalty program details. CNN reported that no passwords or credit card information seem to have been compromised. The hotel chain says it is currently alerting those affected and setting up a website and call center as a resource for potential victims. 

Texas med group hit by ransomware data breach

Medical network Affordable Urgent Care Clinic, based in Texas, reported that it discovered a ransomware incident on its servers on February 3. While the vulnerability that caused the incident has been removed, sensitive patient information has been compromised, including birth dates, medical records, insurance details, and Social Security numbers. Affordable stated that law enforcement has been brought in to investigate the incident and the ransom has not been paid. They are notifying affected patients by letter. According to SC Magazine, the notorious Maze ransomware group is behind the attack and, because Affordable did not pay the ransom, Maze has exposed some of Affordable’s sensitive information on its doxing website to pressure the group to pay.

This week’s quote

“Tech has the power to help us get through this rough stretch. Keeping conversations open about how we can use it best will help us better adapt to other situations in the future. “

Avast VP of Product Delivery Leena Elias, giving tips to keep your family safe online during the coronavirus crisis

FBI warns private industry of Kwampirs RAT

The FBI issued an alert to the private sector this week warning about the advanced persistent threat (APT) of the Kwampirs remote access Trojan (RAT). The FBI has been observing the Kwampirs RAT since 2016, as bad actors have been using it to conduct a global network exploitation campaign, particularly towards the industries of healthcare, energy, engineering, and software supply chains. The RAT burrows into networks where it facilitates secondary malware infections. The FBI calls special attention in the alert to current attacks on the healthcare industry, saying the RAT is infecting systems through infected hardware products and compromised software supply chains. The FBI uses the alert to share guidance on best security practices to defend against the threat.

Governments use cell phone tracking to manage virus lockdown

To keep track of citizens infected with the coronavirus, some governments have turned to cell phone location tracking. Reuters reported that mobile carriers have been sharing their data with health authorities in Italy, Germany, and Austria to map the movements of infected cases. The aggregated data is said to be anonymized, per GDPR regulations. The Verge reported that in addition to European countries, Israel, China, Taiwan, and South Korea have also been using location data to manage the spread of the pandemic. So far, there have been no reports of U.S. authorities using location tracking. 

This week’s ‘must-read’ on The Avast Blog

Looking for tips on how to get through this continued time at home? Avast sponsored a Digital Sanity Summit, packed with insights including tips for parents managing technology with their kids and how to combat cyberbullying


Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN. Get advertisers off your back and disguise your online identity for greater privacy with Avast AntiTrack.