Skip to main content

How to Mitigate Zoom Hijacking



While in a Zoom meeting for assisting students during a turbulent time, after about 20 minutes, it was quickly taken over by 'pranksters' with inappropriate images.

There was a flurry of the event hosts trying to pull up the settings to remove the troublemakers. The meeting was quickly retooled to put everyone on mute for the next round.

A lot of people have been quickly thrust into this world of web conferencing, and selected Zoom, a software that works, but with little to no security. There's certainly no end to end encryption. 

Why is this serious? Because video streaming uses UDP packets, and an attacker doesn't need all of them to get the gist of the information being transferred.

I don't want to see people scramble to reestablish professionalism, so I made a quick guide.

I downloaded this spyware Zoom onto a test phone and laptop to set up a test meeting:

Auphelia Degardess is the name of the phone, and the one with the visual of myself. Mirren Vuilaassen is the laptop. In retrospect, I should have used plainer names. I enjoy fake names.

This setup is having the laptop (Mirren) be the meeting host.


The yellow outline indicates  someone who is talking. What If I'm saying something inappropriate, like "We don't have to be best friends for me to give you a job referral?"


Absolutely barbaric, I know.

Right click, stop video. 

What if I share something inappropriate to the group, such as...

That's Coco.

See the green bar at the top? That is toggled by pressing the ALT key.


Hit 'View Options' and 'Stop Participant's Sharing'


What if they are acting foolish in the chat room?




Forgive my misspelling.

Thing is, you can't delete messages in there, not that I've found. You can remove the perpetrator.


A small option that says 'remove' will appear over guests.


Bye!


If Auphelia tries to return, they will not be able to.


There are some other, simple rules you can follow, such as private meeting rooms and sending your links privately to people you want to join. As someone who has been on the internet far too long, there are other ways to know if someone who enters your chat is about to be a pain:

A big one is someone going "I have a question" - If someone is stalling for the 'joke', they're probably going to say something inappropriate.

Don't hesitate to push people out quickly. If they wanted to stick around, they should have behaved properly.

(By the way; I was extremely serious about my Zoom Bouncer concept.)
Protect your Parents -

Comments

Popular posts from this blog

What Do You Need? [AKA; List of Offered Services / My Next Role] (2020)

I am a trusted outsourced remote consultant for your company.   I enjoy having the flexibility to take on temporary projects from time to time! I start at part-time, temp work for now. If we like each other, we can renegotiate. If anything sounds weird, out there, or unusual - Feel free to e-mail me . Doesn't have to be tech-related. I just have to find it interesting and flexible. 3 Services Offered Writing :      You want to pay me to write more of *waves hand* this blog? I am game .     I write B2C e-mails going out to over 280 people weekly. [ Example Job Description ]        Auditing :        Something doesn't work on your page. I can find it, or you can lose business. [ Here ] [ Example Job Description ]   Technical: Still as-needed, always remote, contract, or temporary. IT Operations Tech [ Example Job Description ]     Hardware and SaaS support.     Cisco routing and switching  Cloud Technician     Azure [ See tag ]  Support [Web: Example Job Description ] [Tex

Portfolio of UX/Product Feedback [Vol. 1]

Have You Looked at Your Webpage From the Customer's View Lately? You have probably been linked here from a form or my resume. If you have any questions about what I'm looking for in a role, click here .   This post is not to shame, but to point out errors and hopefully make my talent for finding and documenting such mistakes clear to someone hiring. Contents: Instances where I offer constructive feedback on someone's website, logo, or app. Actions that were taken by the developers or artists.  I'm glad you want your webpages to be the best they can be with my help; If you need your sites audited, e-mail me . Latest Update -  November 20th, 2020.   Vol. 2 is here .

Wireless Diagnostics on Mac OS; Packet Sniffing on a WLAN

There's a post sitting in my drafts about Wireshark and how to sniff packets out of the air that was going to be about sniffing for authentication packets for Wi-Fi hotspots that aren't broadcasting SSID (Which you shouldn't do apparently! It's still not safe). I was watching this video to find a little more information about how to properly use Monitoring mode on my Macbook to sniff for WLAN packets on the network. So when he said "Just open up Wireless Diagnostics and sniff your network (check your width and channel)." It was shocking to me.