What is the Zoom Stealer malware?

Zoom Stealer is a malicious browser extension campaign that targets millions of users, designed to steal online meeting information and credentials.

How many users are affected by Zoom Stealer?

An estimated 2.2 million users across Chrome, Firefox, and Edge are affected by the malicious Zoom Stealer extensions.

Who is behind the Zoom Stealer campaign?

The Zoom Stealer campaign is attributed to a threat actor known as DarkSpectre, who has launched similar malicious operations previously.

Home / Technology / Zoom Stealer Hijacks Millions of Browsers

Zoom Stealer Hijacks Millions of Browsers

3 Jan

•

Summary

New malware, Zoom Stealer, targets 2.2 million users.
Extensions mimic legitimate tools, steal meeting data.
Threat actor DarkSpectre behind multiple malicious campaigns.

Zoom Stealer Hijacks Millions of Browsers

A critical cybersecurity threat has emerged with the discovery of malicious browser extensions, collectively known as Zoom Stealer, impacting approximately 2.2 million users across Chrome, Firefox, and Edge. These extensions, designed to mimic legitimate video conferencing tools, are capable of stealing sensitive online meeting data, including URLs, passwords, and meeting details, through covert surveillance.

The threat actor identified as DarkSpectre is behind this campaign, which is their third known operation. Previous campaigns, ShadyPanda and GhostPoster, also targeted millions of users with various malicious activities, including fraud and data theft. The success of these extensions stems from their ability to function as advertised while operating surreptitiously.

Security researchers strongly advise users to immediately remove any suspected malicious extensions and reset all important account passwords. Employing a reputable password manager and robust antivirus software is recommended to mitigate risks and protect against ongoing cyber threats. Vigilance regarding new browser extensions remains crucial.