<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">

<meta name="Generator" content="Microsoft Word 15 (filtered medium)">

<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}

o\:* {behavior:url(#default#VML);}

w\:* {behavior:url(#default#VML);}

.shape {behavior:url(#default#VML);}

</style><![endif]--><style><!--

/* Font Definitions */

@font-face

        {font-family:"Cambria Math";

        panose-1:2 4 5 3 5 4 6 3 2 4;}

@font-face

        {font-family:Calibri;

        panose-1:2 15 5 2 2 2 4 3 2 4;}

/* Style Definitions */

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0in;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri",sans-serif;}

a:link, span.MsoHyperlink

        {mso-style-priority:99;

        color:#0563C1;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {mso-style-priority:99;

        color:#954F72;

        text-decoration:underline;}

p.msonormal0, li.msonormal0, div.msonormal0

        {mso-style-name:msonormal;

        mso-margin-top-alt:auto;

        margin-right:0in;

        mso-margin-bottom-alt:auto;

        margin-left:0in;

        font-size:11.0pt;

        font-family:"Calibri",sans-serif;}

span.EmailStyle18

        {mso-style-type:personal;

        font-family:"Calibri",sans-serif;

        color:black;}

span.EmailStyle19

        {mso-style-type:personal-reply;

        font-family:"Calibri",sans-serif;

        color:windowtext;}

.MsoChpDefault

        {mso-style-type:export-only;

        font-size:10.0pt;}

@page WordSection1

        {size:8.5in 11.0in;

        margin:1.0in 1.0in 1.0in 1.0in;}

div.WordSection1

        {page:WordSection1;}

--></style><!--[if gte mso 9]><xml>

<o:shapedefaults v:ext="edit" spidmax="1026" />

</xml><![endif]--><!--[if gte mso 9]><xml>

<o:shapelayout v:ext="edit">

<o:idmap v:ext="edit" data="1" />

</o:shapelayout></xml><![endif]-->

</head>

<body lang="EN-US" link="#0563C1" vlink="#954F72">

<div class="WordSection1">

<p class="MsoNormal"><o:p> </o:p></p>

<p class="MsoNormal"><span style="font-size:14.0pt;color:black">Beware of bogus Zoom links.<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:14.0pt;color:black"><o:p> </o:p></span></p>

<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span style="font-size:16.0pt">COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware<o:p></o:p></span></b></p>

<p class="MsoNormal"><span style="font-size:14.0pt">March 30, 2020<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:14.0pt">Ravie Lakshmanan<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:14.0pt"><o:p> </o:p></span></p>

<p class="MsoNormal"><span style="font-size:14.0pt">As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by

 registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices.<br>

<br>

According to a report published by Check Point and shared with The Hacker News, over 1,700 new "Zoom" domains have been registered since the onset of the pandemic, with 25 percent of the domains registered in the past seven days alone.<br>

<br>

"We see a sharp rise in the number of 'Zoom' domains being registered, especially in the last week," said Omer Dembinsky, Manager of Cyber Research at

<a href="https://blog.checkpoint.com/2020/03/30/covid-19-impact-cyber-criminals-target-zoom-domains/" target="_blank">

<span style="color:blue">Check Point</span></a>.<br>

<br>

"The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced, and they see it as an opportunity to deceive, lure, and exploit.

<span style="color:red">Each time you get a Zoom link or document messaged or forwarded to you, I'd take an extra look to make sure it's not a trap</span>."<o:p></o:p></span></p>

<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:14.0pt"><br>

With over 74,000 customers and 13 million monthly active users, Zoom is one of the most popular cloud-based enterprise communication platforms that offers chat, video and audio conferencing, and options to host webinars and virtual meetings online.<br>

<br>

The popularity of Zoom has shot up significantly in recent weeks as millions of students, business people, and even government employees across the world are forced to work and socialize from home during the coronavirus pandemic.<o:p></o:p></span></p>

<p class="MsoNormal"><a href="https://thehackernews.com/images/-yWIB-PD7zFg/XoHDPPzJ4PI/AAAAAAAAAJg/QTDbI-byMQU8susgSnjDvr3zh36yjPnKACLcBGAsYHQ/s728-e100/zoom-video-conferencing-coronavirus.jpg"><span style="font-size:14.0pt;color:blue;text-decoration:none"><img border="0" width="728" height="400" style="width:7.5833in;height:4.1666in" id="Picture_x0020_4" src="cid:image001.jpg@01D60794.FADC1590" alt="zoom video conferencing coronavirus"></span></a><span style="font-size:14.0pt"><o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:14.0pt"><br>

The report comes following a significant increase in the number of <a href="https://thehackernews.com/2020/03/covid-19-coronavirus-hacker-malware.html" target="_blank">

<span style="color:blue">malicious coronavirus-related domains</span></a>, with bad actors finding

<a href="https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html" target="_blank">

<span style="color:blue">new ways to profit off</span></a> the global health concern to stage a variety of

<a href="https://thehackernews.com/2020/03/coronavirus-covid-apps-android.html" target="_blank">

<span style="color:blue">malware attacks</span></a>, phishing campaigns, and create scam sites and malicious tracker apps.<br>

<br>

What's more, the researchers said they detected malicious files with the name "zoom-us-zoom_##########.exe," which when executed, installed potentially unwanted programs (PUPs) such as

<a href="https://blog.malwarebytes.com/detections/adware-installcore/" target="_blank">

<span style="color:blue">InstallCore</span></a>, a dodgy bundleware application that's known to install other kinds of malware.<br>

<br>

But Zoom is not the only app to be targeted by cybercriminals. With schools turning to online learning platforms to keep students occupied, Check Point researchers said they also discovered phishing sites masquerading as the legitimate

<a href="https://edu.google.com/products/classroom/" target="_blank"><span style="color:blue">Google Classroom</span></a> (e.g., googloclassroom\.com and googieclassroom\.com) website to trick unwitting users into downloading malware.<o:p></o:p></span></p>

<p class="MsoNormal"><span style="font-size:14.0pt;color:black"><o:p> </o:p></span></p>

</div>

</body>

</html>