Vimeo, one of the most popular video-sharing platforms, has announced that several user accounts are at risk of being compromised by malicious actors.
Online news media The Register reported that one of their readers had gotten a notification from Vimeo that his account had been inappropriately accessed by a third-party and frozen as a result.
Vimeo Users Beware
The user, named David Smith, reportedly confirmed that his Vimeo account wasn’t linked to any additional service. Smith told the outlet that he uses randomly-generated passwords to secure his accounts, which ruled out being compromised through a credential-stuffing attack.
After The Register reached out to Vimeo on Smith’s behalf, the firm explained that Smith might have been infected with a malware that had been targeting accounts on its platform. The company added that it had noticed a list of compromised password and email combinations that had been captured by malware.
“We ran these credentials through our system to see if they matched those of any of our users. In cases where there were matches, we took the proactive step of resetting account passwords and notifying users. Based on the information we have, it is likely that the user’s credentials were compromised due to malware,” Vimeo added.
The news source went on to recommend that any user who gets such a notification should scan their account with antivirus software and change their password.
Coronavirus Sparks a Surge in Cyber Attack Numbers
The prevalence of malware attacks has been a challenging phenomenon for authorities and tech companies, especially in the wake of the Coronavirus outbreak. In the United States, authorities have noticed a spike in the number of related attacks.
Several hospitals have also witnessed several ‘active attacks’ from scammers trying to take advantage of the Coronavirus pandemic. [Modern Healthcare] Chris Frenz, Assistant Vice President of Information Security at Interfaith Medical Center in New York, explained to the news source that he’s seen emails where hackers impersonate members of the Centers for Disease Control and Prevention and urge recipients to open an informational link. The link, as expected, immediately deploys malware onto their system.
Hackers are exploiting the widespread hysteria surrounding the disease for their financial gain. As hospitals have now found themselves in increasingly difficult situations, they’ve become prime targets for malicious actors.
A similar scenario is playing out in the United Kingdom. Earlier this week, the National Cyber Security Centre (NCSC) — the cyber intelligence arm of the U.K.’s Government Communications Headquarters — confirmed in a press release that cybercriminals have amped up their deployment of phishing, financial fraud, and ransomware attacks on people, pretending to share important information about the virus.
The organization also confirmed that it had witnessed an increase in the creation of coronavirus-themed websites, which open more doors for citizens to be exploited as hackers seek novel ways to profit from mass fear and ignorance.