ZoomInfo Investigation - Hacker Investigador
OPEN SOURCE
INTELLIGENCE REPORT
Table of Contents
1 Conception
1.1. Scope
1.2. Disclaimer
2 Executive Summary
3 Threat Model
7 Zoom’s Leadership
7.1 Zoom’s Directors
7.2 Zoom’s Consel Members
7.3 L Schuck, Henry
7.3.1 Employment
7.3.2 Home
7.3.3 Phones
7.3.4 Social Media & Accounts
7.3.5 Family & Friends
7.3.6 Domains
7.3.7 Main Breaches
7.3.8 Leaks & Other Public Data
Harrison Marques Freitas - hmarx6@gmail.com - CPF: 701.853.916-13
CONFIDENTIAL OSINT REPORT MAY - 2022
1 Conception
1.1. Scope
1.2. Disclaimer
All of the report’s data were obtained from publicly available resources.
The data is in compliance with agency policy as well as local and federal
law. During the investigation process, Doctor used publicly available tools.
2 Executive Summary
ZoomInfo, at first sight, seems like a solid and reliable B2B service
collaborating with tech giants such as Google, Zoom, Snowflake, and T-Mobile. But
underneath all of the elaborate software they offer - such as SalesOS, MarketingOS,
and TalentOS - there is a worrisome amount of exposed data coming from the
C-Level and Board Members.
It became clear that although their own services are geared towards B2B
(business to business), with solid intel handled by an organization with a market
cap of over 27B USD, the five ZoomInfo key personnel chosen for this investigation
have their own information "hidden in plain sight", exposed just enough to
allow hackers to use it for blackmail and attacks, and even to exploit their website's
Whois data, where the information has been scraped and a Domain Administrator is shown to be
careless by using an exposed work-related email address.
For each of the five chosen senior professionals, this report includes
recommendations to clean up the compromising data and protect their reputation, so
the business continues to grow securely.
3 Threat Model
This Threat Model addresses the case where the source of the threat
comes from inside the organization.
With nearly 25% of the staff disapproving of the top leadership, due to
organizational culture challenges and high pressure, there is a chance for an Insider
to act.
An Insider is an employee who can become a threat by using their
authorized access, wittingly or unwittingly, to do harm to the Organization's (in
this case, Zoom's) mission, resources, personnel, facilities, information, equipment,
networks or systems.
There is no effortless fix: improving relations between staff and leadership
takes a long time, since Zoom has thousands of employees and multiple offices
around the world. On the other hand, a good start is to put into practice the OPSEC
mentioned in this report - and go even further by installing biometrics, cameras, and
electronic locks - so the chances of an Insider acting maliciously at work go
down.
The bigger an organization gets, the greater the chance that Hackers and
Cybercriminals will try to attack or extort its leaders - beginning with the CEO and
other C-level leaders, down to directors and managers. Because leaders are the
favorite target for Hackers and Cybercriminals (considered 'whales' to spear phish),
it’s extremely important to conduct OPSEC training, starting by applying privacy
techniques - Michael Bazzell's book Extreme Privacy is a recommended guide. A
couple of the targets in this report left enough information in public - mainly on
social media - for a criminal to use against them, embarrass them or even aim at
their families to perform extortion.
It's recommended to at least make the top leadership’s personal social media
private, if it is not used for institutional purposes (private Instagram, clean
friends list, fake names for new accounts), to change old passwords, especially
the breached ones, and to clear the unwanted online footprint (deleting old tweets,
hunting down and removing old and unused accounts, etc.).
More recommendations for each target are available in the report.
Images source: https://www.indeed.com/cmp/Zoominfo
The address provided by the Whois record in question (307 Waverley Oaks Rd) and
one of ZoomInfo’s headquarters (275 Waltham, MA) are only about 5 miles apart.
Source: https://www.google.com/maps/dir/275+Wyman+Street,+Waltham,+MA/307+Waverley+Oaks+Rd,+Waltham,+MA+02452/
There are 37 case files available to the public at Unicourt.com. That gap allows the public
to see legal cases between the government, other organizations, and individuals linked to
ZoomInfo.
Source: https://capacitycommercial.com/properties/?propertyId=821339-lease
By researching the whereabouts with Google Maps, it is possible to notice “For Lease”
signs on the building across all capture dates. Example below.
Through the “Capacity” sign’s website, you’re able to see a virtual tour of parts of
the building.
To reach it, enter the website (https://capacitycommercial.com/), select Properties,
search by “805 Broadway” and pick the first one.
Select the tab “Spaces” and “Take a Tour”. There’s also the Floor Plan for a handful
of areas.
Source: <https://capacitycommercial.com/properties/?propertyId=821339-lease>
You can then begin to notice a couple of items on the premises.
(The information below is speculative and might not cover the whole building/headquarters’ security.)
Source: https://my.matterport.com/show/?m=wTwkmFYfpQr
At the entrance, there are two sets of glass double doors that
could literally be broken into with a heavy tool.
The simple locks indicate a vulnerability to lockpicking during
closed hours (Monday through Friday 3AM - 8PM EST
(UTC-5:00)).
The entrance could also be vulnerable to tailgating (closely following an
employee to infiltrate the building) during open hours.
Source: https://my.matterport.com/show/?m=wTwkmFYfpQr
There are parking lots on 3 sides of the building, all of them easily
accessible.
No security guards or obstacles that would prevent a bad actor from parking close
were seen, making the organization more prone to Wardriving - the act
of hacking a place by parking close to it and capturing wireless data.
7 Zoom’s Leadership
7.1 Zoom’s Directors
Anthony Stark - General Counsel
Chris Hays - President & COO
Cameron Hyzer - Chief Financial Officer
Derek Smith - Chief Strategy Officer
Chetna Mahajan - Chief Information Officer
Henry Schuck - Founder & CEO
Hila Nir - Chief Product Officer
Nir Keren - President Of Israel Operations And Chief Technology Officer
Prasadh Cadambi - Chief Accounting Officer
Simon McDougall - Chief Compliance Officer
Tim Strickland - Chief Revenue Officer
7.3.1 Employment
Employer Source Notes
Founder & CEO https://www.zoominfo.com/about/leadership Also a Board Member
7.3.2 Home
Home Addresses Timeframe Source
La Crescenta, CA, 91214 Outdated <https://dehashed.com/search?query=schuckpolo&page=1> Result #260529913
7.3.3 Phones
Phone Numbers Source Notes
+1 360-326-4 https://411.info/business/Discover-Org-Vancouver-WA-23200520 Discover Org Number
+1 866-904-9 https://www.zoominfo.com/about/contact ZoomInfo Number
+1 844-992- https://www.zoominfo.com/about/contact ZoomInfo Number
+1 818-249-6 https://dehashed.com/search?query=schuckpolo&page=1 Result #260529913 Outdated Number
+1 360-783- https://www.datanyze.com/people/Henry-Schuck/1260398587 Direct
+1 818-679 https://www.datanyze.com/people/Henry-Schuck/1260398587 Mobile
+1 360-783 https://www.datanyze.com/people/Henry-Schuck/1260398587 HQ
Appears on @schuckpolo
https://www.instagram.com/schuckpolo/
7.3.6 Domains
Domain Web Address Notes
ZoomInfo https://www.zoominfo.com Source: https://host.io/redirects/zoominfo.com
Recommendations
7.4.2 Home
Home Addresses Timeframe Source
46 Urbana, Outdated https://thatsthem.com/name/Hila-Nir
7.4.3 Phones
Phone Numbers Source Notes
+1 617-826 https://www.datanyze.com/people/Hila-Nir/1645938489 Direct Phone Number
+1 360-783 https://www.datanyze.com/people/Hila-Nir/1645938489 HQ Phone Number
+1 937-484 https://thatsthem.com/name/Hila-Nir Personal Number
+1 404-909 https://thatsthem.com/name/Hila-Nir Personal Number
7.4.4 Emails
Email Source Note
zoominfo.com https://www.datanyze.com/people/Hila-Nir/1645938489 Professional Address
@gmail.com https://www.datanyze.com/people/Hila-Nir/1645938489 Personal Email Address
7.4.5 Social Media & Accounts (Google Searches and Sherlock)
Website Source Link
Twitter Google Search https://twitter.com/hilanir
LinkedIn LinkedIn Search https://www.linkedin.com/in/hila-nir-226851b/
Facebook Facebook Search https://www.facebook.com/hila.nir.50
Instagram Instagram Search https://www.instagram.com/hilanirg/
Vimeo https://www.social-searcher.com/search-users/?q6=Hila+Nir https://vimeo.com/user142028350
Recommendations
7.5.2 Phones
Phone Numbers Source Notes
+1 360-783 https://www.datanyze.com/people/Chris-Hays/1502602806 Direct Phone Number
+1 360-783 https://www.datanyze.com/people/Hila-Nir/1645938489 HQ Phone Number
+1 717-456 https://thatsthem.com/name/Hila-Nir Personal Number
7.5.3 Home
Home Addresses Timeframe Source
ir.Mechanicsburg, Current address https://thatsthem.com/email/chaze00@
gmail.com
7.5.4 Emails
Email Source Note
mail.com https://www.datanyze.com/people/Chris-Hays/1502602806 Personal Address
comcast.net https://thatsthem.com/address/ Personal Address
zoominfo.com https://www.datanyze.com/people/Chris-Hays/1502602806 Professional Address
Recommendations
7.6.1 Employment
Employer Source Note
Chief Accounting Officer https://www.zoominfo.com/about/leadership Leadership
7.6.2 Phones
Phone Numbers Source Notes
+1 650-793 https://www.datanyze.com/people/Prasadh-Cadambi/5404826293 Direct Phone Number
+1 516-410 https://www.datanyze.com/people/Prasadh-Cadambi/5404826293 Mobile Phone Number
+1 360-783 https://www.datanyze.com/people/Prasadh-Cadambi/5404826293 HQ Phone Number
7.6.3 Home
Home Addresses Timeframe Source
4160 Lakeview Blvd. Lake Current address https://thatsthem.com/name/Sriprasadh-Cadambi
Recommendations
7.7.2 Phones
Phone Numbers Source Notes
+1 425-324- https://www.datanyze.com/people/Mark-Mader/47241677 Direct Phone Number
+1 765- 969 https://www.datanyze.com/people/Mark-Mader/47241677 Mobile Phone Number
+1 425)-324 https://www.datanyze.com/people/Mark-Mader/47241677 HQ Phone Number
7.7.4 Emails
Email Source Note
martsheet.com https://www.datanyze.com/people/Mark-Mader/ Professional Address
gmail.com https://www.datanyze.com/people/Mark-Mader/ Personal Address
7.7.5 Education
Level Grade Source
College B.A. in Geography from Dartmouth College https://www.linkedin.com/in/markmader/
School Lakeside School https://www.linkedin.com/in/markmader/
8 Investigator Profile
9 Appendix
Source: https://www.indeed.com/cmp/Zoominfo
b. Building plans
Source: https://my.matterport.com/show/?m=wTwkmFYfpQr
c. Full Wappalyzer technology check
e. Prasadh Cadambi House’s StreetView
Source: https://www.facebook.com/hila.nir.50