Zoom: beware a virus is hidden in a fake version of the software

The antivirus publisher Trend Micro has discovered that an outdated version of the Zoom software has been circulating for a few days. It allows a hacker to install a back door on the computer, and to observe and record everything displayed on the screen.

Even if Microsoft with Teams or Google with Meet has grabbed some market share, Zoom will remain as the star software of this period of containment. Popularity which is counted in tens of millions of users every day, in telework or with friends, and which inevitably attracts pirates. Thus Trend Micro discovered that a false version of Zoom had started to circulate on the web.

This fake version is not available on download platforms, and it’s already reassuring. However, it hides in emails or other messages in the form of links, and it remains very dangerous since invitations to Zoom videoconferences are most often made via email or messaging. We receive a link, we click on it, and the window opens.

File version is out of date

This verolée version, therefore, offers to download a file and when the installation is launched, it is indeed Zoom which is launched. The user can, therefore, believe that everything is fine. Except that the installation file also hides malware that runs in the background, without the user’s knowledge. It is a real backdoor that allows you to observe, from a distance, everything that happens on the computer. The hacker can therefore see, and even record, videoconferences in Zoom, but also in other software. The danger is, for example, to connect to your email or online banking, or to write emails and that all the information entered can be saved by the hacker.

How to protect yourself? First of all, avoid clicking on Zoom links from strangers. This remains the basis of everything. Next, Trend Micro gives a tip: Zoom is currently in version 5.0.1, while the fake version displays Zoom 4.6. Finally, as for an application on a smartphone, the best is to download software from the official site, and not from a link sent by email.