Zoom, the video conferencing software that during the pandemic has rapidly become a go-to platform for hosting work meetings, birthday parties, D&D campaigns, and other hangouts, has disturbingly flimsy cybersecurity protocols.
Hackers have been able to exploit Zoom and take control over users’ PCs and Macs, 9to5Mac reports. Others have used it steal private information, according to Ars Technica. The problem is so widespread that trolls have even started brute-forcing their way into meetings to “Zoombomb” and spam bigoted comments.
Zoom’s cybersecurity is so deeply flawed that a growing number of companies — SpaceX included, Reuters reports — have banned it altogether.
“We understand that many of us were using this tool for conferences and meeting support,” reads an internal SpaceX memo from March 28. “Please use email, text or phone as alternate means of communication.”
In short, just about anything else would be preferable from a security standpoint.
As of press time, Zoom hasn’t patched the several flaws that cybersecurity experts and hackers have been exploiting over the past few weeks.
“It’s quite a shortcoming from Zoom,” Matthew Hickey, a cybersecurity expert who informed Zoom of a an exploit hackers were using to steal users’ Windows credentials, told Ars Technica. “It’s a very trivial bug. With more of us working from home now, it’s even easier to exploit that bug.”
READ MORE: Attackers can use Zoom to steal users’ Windows credentials with no warning [Ars Technica]
More on cybersecurity: A Top White House Cybersecurity Director Just Quit in Disgust