Sunday, July 14, 2024

Authorities Seized Most Popular Marketplace for Stolen Credentials

Law enforcement agencies seized the domains for Genesis Market, one of the world’s biggest marketplaces for cyber fraud. Genesis has been connected to millions of financially driven cyber incidents worldwide, from fraud to ransomware attacks.

Genesis served as a one-stop shop for thieves, selling stolen credentials and the tools to weaponize that data.

The login pages of Genesis Market’s websites have been changed to a splash page announcing the takedown, titled Operation Cookie Monster. Both on the regular web and the dark web, the organization maintained websites.

Genesis Market domains seized by the FBI

Accessing the Genesis Market domains reveals a banner stating that the FBI has executed a seizure warrant, even though authorities have not released press statements announcing the seizure.

Given that the FBI is searching for anyone who has contact with them, it appears that the marketplace’s administrators have not been recognized. Keeping a low profile for so long suggests that whoever is behind the Genesis Market has a solid understanding of operational security.

“These seizures were possible because of international law enforcement and private sector coordination,” reads the seizure banner.

“For too long criminals have stolen credentials from innocent members of the public,” Robert Jones, director general of the National Economic Crime Centre at the NCA, said.

“We now want criminals to be afraid that we have their credentials, and they should be.”

Genesis Market – A One-Stop Shop for Login Data

Login information, IP addresses, and other information that served as the victims’ “digital fingerprints” were sold by Genesis Market.

The personal data, frequently less than $1, allowed thieves to access bank and shopping accounts.

Reports say Genesis Market offered hackers access to “bots” or “browser fingerprints, ” enabling them to impersonate victims’ online browsers. These fingerprints included IP addresses, session cookies, operating system details, and plugins.

They generated money by renting out the account identities using bots that had stolen accounts together with the fingerprint information that gave the access the appearance of being authorized.

Genesis Market operators made it simpler for clients by offering browser plug-ins that could import the login information and digital fingerprints of a hijacked account, immediately assuming the digital identity of the actual owner. Buyers may pay less than $10 for access to an account for a specified period, depending on the type of account.

Many services with global user accounts were accessible through Genesis Market. Gmail, Facebook, Netflix, Spotify, WordPress, PayPal, Reddit, Amazon, LinkedIn, Cloudflare, Twitter, Zoom, and eBay were a few among them.

Building Your Malware Defense Strategy – Download Free E-Book

Related Read:


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles