That web server is exploitable, as explained in the article.
Note that most Zoom users (probably lots of business people) won't be capable of following the uninstall steps necessary at the moment..
Is this because I'm scrupulous about killing LaunchAgents and LaunchDaemons?
ps aux | grep zoom
You'll probably see "ZoomOpener" there. It is running but it's not in the "Force Quit" menu. Then, to kill it run:
Then you can follow the other directions indicated by the previous poster who gave information about how to lock your ~/.zoomus directory down to root so that it can't install itself again.
My feeling is that removing the startup item probably cripples this, no? I mean, fuck them for doing this, and get rid of all of it, but I think the StartupItem is required for their hack to work.
Did no one at all speak up and say "hey, running secret webservers on obscure ports without telling the user is shady stuff"?