Zoombombers are hijacking video chats and terrorizing marginalized groups. Now Zoom is rolling out new updates to stop them.


The Zoom home page

  • An AIDS activist group’s video chat was hijacked by hackers, who made obscene gestures and screened pornography.
  • Zoombombing has become increasingly common during the pandemic, and marginalized groups are frequent victims.
  • Extremists are “exploiting this newfound reliance on video-conferencing technology to target certain groups,” Jonathan A. Greenblatt of the Anti-Defamation League told Business Insider.
  • Zoom has announced several new features to address Zoombombing, including making passwords the default setting and allowing hosts to lock rooms.
  • Visit Business Insider’s homepage for more stories.

A group of AIDS activists are the latest victims of Zoombombers, hackers who hijack video sessions on teleconferencing platforms like Zoom.

Founded in 1987, ACT UP has used aggressive direct actions like “die-ins” to draw attention to the AIDS pandemic and the need for research, treatment, and a cure.

ACT UP activists at a

On Tuesday evening, ACT UP held a webinar titled “Are You Ready to ACT UP?: Lessons Learned From HIV to Fight COVID.”

Malú Machuca Rose, a performance studies graduate student at Northwestern University, told Business Insider they joined the webinar about 10 minutes after it started.

Following introductions, Rose said, the room suddenly became chaotic as multiple users tried to wrest control of the audio and video.

“On the mic, they would take over and not let the moderator speak,” Rose said. Some shouted “pee poo,” or made undistinguishable sounds using computerized voices.

On camera, the hackers covered their faces with masks and shirts while “making lewd sexual gestures and using the share-screen option to display [straight] pornography,” Rose said.

They added that the bombers were able to push attendees out of the session at will.

“At the beginning, a few [of the hackers] were kicked out but more kept coming,” Rose said. After about 10 or 15 minutes, they added, “the moderators realized it wasn’t going to happen” and ended the session.

Seeing all the other activists on the video chat, Rose said, “made me even sadder — to feel what that space could have been and what it was turned into.”

‘Experiencing it was much worse’

The video chat was hosted on Jitsi, a free open-source platform launched in 2011. Like Zoom, Jitsi is not end-to-end encrypted, and users have reported being “Jitsi-bombed.”

“I had read about Zoombombing, but experiencing it was much worse,” Rose said. “My partner, whose mom passed away from AIDS-related illness in the ’90s, walked in the room as it was happening and held me while I cried.”

“We were both really disappointed in what clearly seems a form of online terrorism against the communities we’re a part of,” they said.

Roughly 20 minutes after the webinar’s posted start time, ACT UP tweeted that it ended the event “due to the virtual bombing by white supremacists.”

The tweet offered “apologies for everyone on that call,” and assured members that a followup webinar on Wednesday night would be on a secure platform.

Shortly before 9 pm, the organization sent a followup tweet emphasizing that ACT UP was “determined to not let white supremacists disrupt our organizing.”

Another tweet thanked New York State Senator Julia Salazar “for helping us troubleshoot Zoom,” suggesting that app will be utilized for tonight’s event.

It’s not clear what led ACT UP to believe the bombers were white supremacists.

“The people who hacked the chat were clearly white, but I didn’t catch onto any specific racist imagery,” Rose said. “I think Zoombombing, in general, has been done by white supremacists,” they added. “And, given that those most affected by HIV/AIDS and COVID-19 are people of color, the accusation makes sense.”

In a statement, ACT UP said “there is nothing special” about Tuesday’s incident.

“These types of attacks are what trolls do, and have done, to people all over the world for many years. Nor is it the first time ACT UP has been trolled,” the group said, adding that it was more frustrated about “the countless elementary school kids and religious minority groups who’ve had their discussions interrupted over the last several weeks.”

Lucas Acosta, press secretary for the Human Rights Campaign, the country’s largest LGBT lobbying group called the attack “absolutely awful.”

“Our community is always under a microscope because of our identities,” Acosta told Business Insider. “We’re living our lives online right now, [and] it is still of the utmost importance to make sure that our privacy remains intact.”

Hate groups have embraced Zoombombing

Zoombombers have particularly targeted minorities, like Muslims, Jews, and people of color: On March 30 the FBI published a warning about teleconference-hijacking, saying had received “multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language” during the pandemic.

There have been numerous reports of anti-Semitic Zoombombings since March: In Westchester County, New York, online religious services were interrupted by a man “posting swastikas and other offensive material,” according to WABC-TV.

A virtual Seder for a group of 150 Yeshiva University students celebrating Passover was hijacked by a dozen hackers who started referencing the Holocaust, making death threats, and calling attendees “dirty Jews.”

During an online “Ask the Rabbi” class at a Jewish high school on Long Island, Zoombombers began “saying all these anti-Semitic things, cursing them out, saying ‘you f—king Jews,'” the mother of one attendee told CBS News.

Jonathan A. Greenblatt, CEO of the Anti-Defamation League, told Business Insider that across social media platforms, “extremists have seized on the coronavirus pandemic as a vehicle to spread their hate and conspiracies.”

“While some Zoombombing incidents can be attributed to internet trolls without particularly malicious intentions, there is concern that extremists are also increasingly exploiting this newfound reliance on video-conferencing technology to target certain groups or advance their hateful messages.”

How Zoom is fighting Zoombombers

Zoombombers are typically able to hijack teleconferencing sessions by getting access to a public video-chat URL. It can be as easy as searching ‘Zoom.us’ or an equivalent address on Twitter, Forbes reported.

Zoom CEO Eric Yuan has admitted the company was unprepared for the deluge of new users that came as millions of people started working and socializing from home.

“We did not do a good job,” Yuan told CBS News. “When we offer the free service, we should have a training session, we should enable a password. Looking back, we should have done that. Absolutely. This is our oversight.”

A 3D printed Zoom logo is placed on the keyboard in this illustration taken April 12, 2020. REUTERS/Dado Ruvic/Illustration

To address the issue, Zoom has made passwords the default setting and established “waiting rooms,” where hosts can decide whom to admit. More recently, the company has announced that, after an April 26 update, hosts will be able to report participants for inappropriate behavior and lock meetings to prevent new users from joining.

“Over the next 90 days, we are committed to dedicating the resources needed to better identify, address, and fix issues proactively,” Yuan wrote on a blog post. “We are also committed to being transparent throughout this process. We want to do what it takes to maintain your trust.”

Join the conversation about this story »

NOW WATCH: A group of Hasidic Jews in Brooklyn became experts in online learning before the coronavirus. Now educators are seeking their help.