The Coronavirus outbreak is changing our habits and crooks are attempting to take advantage of the popularity of online communication platforms such as Zoom that are used by businesses, school classrooms and normal users.
Zoom has over 74,000 customers and 13 million monthly active users, its popularity exploded with the COVID19 outbreak because the platform is used by millions of students, government and private employees.
According to a report published by Check Point, experts observed a significant increase in the number of registrations for new fake “Zoom” domains and malicious “Zoom” executable files, both are evidence of malicious campaigns carried out by experts.
“During the past few weeks, we have witnessed a major increase in new domain registrations with names including “Zoom”, which is one of the most common video communication platforms used around the world.” reads the analysis published by CheckPoint.
“Since the beginning of the year, more than 1700 new domains were registered and 25% of them were registered in the past week. Out of these registered domains, 4% have been found to contain suspicious characteristics.”
Check Point researchers observed over 1,700 new “Zoom” domains that have been registered since the beginning of the Coronavirus outbreak, with 25 percent of them registered in the last week.
Experts have also detected malicious files with names such as “zoom-us-zoom_##########
Check Point pointed out that crooks are also targeting other applications widely adopted during this period due to the Coronavirus epidemic, such as Google Classroom.
Threat actors registered malicious domains like googloclassroom[.]com and googieclassroom[.]com to deliver malware.