Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each. Credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers. Some of these accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Cybersecurity intelligence firm Cyble was able to purchase 530,000 accounts in bulk to warn their customers of a potential breach.
Source: https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/