Skip to content

Do you know what you are downloading?

Is it Zoom, or is it malware?

Arthur Gaplanyan

October 13, 2022

No Comments

Zoom Malware

The year 2020 ushered in a lot of change. One of which was making Zoom a household name. In fact, it’s so popular it dominates in 80 countries – a whopping 66% market share.  It’s got a lot going for it, but that popularity makes it a big target for cybercriminals.

Cybercriminals have devised a simple way to get you to download their malware. They pose as Zoom software and have you download and install it.  At least six different download sites were discovered that pretend to be the real Zoom application – but they are a wolf in sheep’s clothing.

What happens when you install a fraudulent Zoom application.

If you install one of these variant “Zoom” applications, you will be injecting your computer and those it connects to, with malicious software that steals your data. Once in, cybercriminals can get anything you access: browser history, passwords, bank information, and even your MFA (Multi-Factor Authentication) details. 

MFA is that extra level of security you have on your accounts (or at least – you should have on your accounts) to keep them safe. When malware is collecting data on you, it can get your phone number and account information to steal your secure, sensitive information.

You’ll wish it stops there. As if that isn’t bad enough, your details will also be for sale on the dark web. You’ll be a target for any number of bad actors looking to make a profit on you.

Also, if this happens on a business workstation or an insecure home computer then your business data is at risk as well. Once they have access to your business network, your entire business is vulnerable to data theft, impersonation attempts, and ransomware.

How do you protect yourself from malware counterfeit apps?

Make sure you download only the officially available application from the official source.

Imposter websites can be very convincing, but you should be able to prevent yourself from getting tricked if you take a few moments and follow these five guidelines.

1. Before you download any application (not only Zoom), make sure the website you are on is correct. The URL should be what you expect it to be. For instance, Zoom’s official website is “zoom.us”.  Sure, it’s not a dot com, but many websites these days aren’t. But it’s clear you’re not on an unofficial site the likes of “myvideoconferencing.com”. More on this in point 2.

2. While you are checking the URL, check that the connection to the website is “secure.”  There should be a padlock icon next to the URL address. That padlock ensures that the site is using https (instead of just http) and that the site owner is verified.

The use of certificates to ensure secure websites is very old at this point. It’s hard to find a site that doesn’t use https today. All it is saying is that the website you are on is indeed registered…but to who? Time to REALLY double-check that website now. Make sure it doesn’t say “zooom.us” or “zoom.org” (note the extra “o” in the first example and the “org” domain in the second).  Cybercriminals are very crafty, they will use slight changes like misspellings or a different domain extension to masquerade as the real thing.

Specifically for this recent Zoom malware, the bad agents are using changes like “zoom-download” or “zoomus” and then using domain extensions of .host, .space, .tech, .website, and even .fun. I’m purposely not typing out the full URLs here so nobody accidentally sees it thinking it is official.

3. Check if the site is in an unpolished state.  They can be made to look very good, even identical. But usually there are little things throwing it off. Things that don’t line up exactly, colors that are slightly off, or even spelling mistakes.

4. Ensure that your business has malware protection. Cyber security comes in many forms. You need to ensure that your computers are being actively scanned and protected. No, antivirus alone isn’t good enough these days.

5. Communicate. As you learn of specific threats (such as Zoom) make sure to communicate them through your organization. More than just informing your employees, it reminds them to stay vigilant when online and downloading any application.

If you need any advice on how to keep your systems protected and secure, get in touch and we can walk you through the various layers of cybersecurity available.