top of page
OceanVertical

Hackers Sneak Through Video Calls Using Zoom and Microsoft Teams

  • cypac1
  • Aug 12, 2025
  • 2 min read

ghost calling

That unexpected Teams call that seemed like IT support but wasn’t? Welcome to the world of Ghost Calls, where trusted tools become hacker highways. At Black Hat USA 2025, cybersecurity experts revealed a clever new hacking tactic called Ghost Calls. It does not use new bugs or break systems in the traditional way. Instead, it quietly misuses features built into tools we all use, such as Zoom and Microsoft Teams.

These apps use something called TURN servers to help your video and voice chats run smoothly even when connections are tricky. Ghost Calls exploit this feature to secretly send data in and out of an organization, like passing notes during a meeting without anyone noticing.

Hackers take advantage of temporary codes your computer gets when joining Zoom or Teams. Then, using a free tool called TURNt, they sneak in through the same video call pathways you use to chat with coworkers. No malware downloads needed. No red flags.


Why It Matters

This means attackers can quietly move data out, control infected computers, or run hidden programs all without raising suspicion. For businesses and organizations that rely heavily on Teams and Zoom, this is a major blind spot.

What You Can Do

  1. Know What to Watch For Train your team to recognize suspicious video call behavior like odd delays or connection attempts. Nontechnical staff can flag concerns, while IT monitors for unusual data traffic in tools like Zoom or Teams.

  2. Limit Access and Permissions Manage video call tools carefully. Set tokens to expire quickly and only allow trusted services to run like locking side doors, not just the front.

  3. Inspect and Log Behind the Scenes Have IT enable deep monitoring tools like DPI and review logs for unusual activity, such as hidden data transfers through video chat. You don’t need to know the code just support the process.

  4. Keep Teams Informed and Ready Discuss threats like Ghost Calls in team meetings and run occasional drills so everyone, from execs to staff, knows how to spot and respond to them.

Takeaway

Ghost Calls are a reminder that even trusted tools like Zoom and Teams can be misused. But the answer is not panic, it is awareness and action. By training your team to spot suspicious behavior, limiting access, monitoring behind the scenes, and staying informed, you build the visibility needed to catch threats early and stop them before they cause harm. Stay safe out there -Mars

Positivity Box Kraken cryptocurrency exchange uncovered a North Korean hacker during a Zoom job interview by noticing mismatched personal details, suspicious behavior, and his inability to answer simple location-based questions. Their deliberate traps during the call confirmed he was a cybercriminal trying to infiltrate the company, preventing a potential breach.


New Friday Funnies! What do you call a ghost hacker who loves video meetings?

 A Zoom-bie. What did the laptop say during the ghost call?

I see dead connections.” Why did the ghost call IT support? Its connection kept dying. What's a cybercriminal’s favorite way to join a Zoom call?

Incognito mode with a side of TURNt.


ghost it
casper hacker
cute animals video call
unexpected call


 
 
 

Comments

bottom of page