For many up to a few weeks back Zoom was the cool way to do video conferencing. No sign up and simple controls, I mean who wants the fuss of actually logging in right?

Zoom, that since it became more popular than ever during quarantine and then it went through serious security issues with many holes found in its security.

Now it seems that for 500,000 of Zoom users it maybe their first introduction to the Dark Web..... and the phrase "zoombombing" where hackers can enter video calls that they were not invited to.

Cybersecurity company Cyble has raised has alerted that more than 500,000 Zoom user accounts for sale on Dark Web forums for salefrom $0.002,and in many cases are directly "gifted" to annoy people in video calls, just for fun..

Zoom accounts began appearing on these forums from April 1, and include personal user information such as email address, passwords, personal meeting links, and the HostKey code, which allows you to take control of a meeting.

So not so much fun then for the user! Another careless security breach by yet another 'great' Tech company.

The "Dark Web" is a concept that is opposed to that of "Clearnet"- which is the more common internet we know. Dark Web sites are not accessed publicly through an address or a search engine.

Firstly how did Zoom allow this to happen, how they steal data?

These user credentials take advantage of data from old leaks, with which "hackers" have managed to access the current Zoom user accounts using stuffing techniques or credential filling, as reported by the Bleeping Computer.

In cases where they managed to enter the accounts, this data has been collected in lists that are currently sold on hacker forums on the Dark Web. Some account credentials were even offered for free so hackers could use them for malicious activities or for zoombombing, which involves entering group calls as an intruder, or sold simply to create chaos in third-party calls.

The "Dark Web", what is it?

Deep Web and Dark Web are two terms that are used a lot to define a part of the internet that most of us don't know much about. In the press and In general, its use is associated withsecurity circles it is generally associated with criminal activities.

First things first: "Clearnet". This would be the internet as most people know it. we use it everyday and access by a URL and, if we search Google, Bing or any search engine, it appears quickly and everyone is happy.

As it happens, about 90% of the content available on the web is not accessible through the search engines and browsers that we all use. It is simply not public.Pages blocked by a paywall, files saved on services like Dropbox, or temporary pages that are created as you browse, which are then deleted. This is the "Deep Web".

The Dark Web is just 0.1% of that part. It is an area where content is intentionally hidden from search engines with masked IP addresses and accessible only with a special web browser.

The Dark Web works within the Deep Web. The Dark Web is then segmented into different "Darknets". To access these, users use a special browser. One of the best known is TOR, although there are others like Freenet, I2P or ZeroNet: each of these is a Darknet.

The important thing is to understand that the contents (pages etc) are "non-indexable" content, thus they will not be displayed by Google, Bing and other search engines.

For all these reasons, the Deep Web is partly used as the Dark Web, special for crime and hackers. It is here where the Zoom accounts are for sale along with all the other data from corporate giants such as BA, FaceBook, Experian, Credit Cards and the many other firms and places that have allow personal date to be stolen.

Posted in Cyber Insurance blog, InsurTech blog on Apr 16, 2020