The security expert Brian Krebs said that an automated tool found around 100 Zoom meeting IDs in an hour and info for nearly 2,400 Zoom meetings in a single day of scan.
A Kansas City-based security meetup group led by security professional Trent Lo and members of SecKC developed a program called zWarDial that can automatically guess 9 to 11-digit long Zoom meeting IDs and draw info about those meetings.
zWarDial automated tool
This tool can find around 100 meetings per hour. It can successfully determine a legitimate meeting ID 14% of time. Also, the program extracted critical info like date and time, meeting organizer and topic of a meeting after scanning nearly 2,400 upcoming or recurring Zoom meetings in a single day.
In January, Zoom implemented a feature that would block repeated attempts to scan for meetings but zWarDialroutes searches through Tor to avoid Zoom’s blocking. But the program can’t find meetings that are password protected.