Inside Genesis Market: The Dark Web's Infamous Hacker Marketplace Shut Down by Global Law Enforcement

The US Department of Justice, in partnership with Europol, just announced the successful takedown of Genesis Market, a notorious hacker marketplace that sold access to infected devices and stolen account credentials. This operation involved 17 countries and resulted in 119 arrests, 208 property searches, and 97 knock-and-talk measures.

Genesis Market was a platform that advertised and sold packages of account access credentials stolen from malware-infected computers. The market was designed to provide an easy and cheap way for cybercriminals to buy and sell stolen data. The cybercriminals behind Genesis Market are estimated to have made over $200 million from their illicit activities.

This so-called "Operation Cookie Monster" seized 11 domain names pursuant to a warrant authorized by the US District Court for the Eastern District of Wisconsin. While the public website was taken down, its .onion domain was still accessible on the dark web using Tor.

What's particularly concerning about Genesis Market is that it was accessible on the open web, although obscured from law enforcement behind an invitation-only veil. Its accessibility and cheap prices greatly lowered the barrier of entry for buyers, making it a popular resource among hackers. Genesis Market reportedly had about 59,000 registered users, and since its emergence in March 2018, it has offered access to data stolen from over 1.5 million compromised computers around the world containing over 80 million account access credentials.

This takedown is part of a larger trend of law enforcement cracking down on cybercrime. Just in the past year, there have been three big takedowns, including Hydra Market in April 2022 and BreachForums in March 2023.

Hydra, an illicit online marketplace, had been in operation since at least 2015 and experienced a meteoric rise in the years that followed.
According to a report jointly published in 2021 by the security firm Flashpoint and blockchain analysis company Chainalysis, Hydra generated over $1.37 billion in annual revenue in 2020, a staggering increase from the mere $9.4 million it made in 2016. The German authorities confirmed that the site boasted 17 million customers and more than 19,000 registered seller accounts, highlighting the scale of its operations.

BreachForums, a popular dark-web forum, has been at the center of several major incidents, including this month's breach of DC Health Link. FBI agents arrested Conor Brian Fitzpatrick of BreachForums in Peekskill, New York, for one count of "conspiracy to solicit individuals with the purpose of selling unauthorized access devices," according to an affidavit from an agent. During the arrest, Fitzpatrick allegedly admitted to running BreachForums and said he used the alias "Pompompurin," per the affidavit. Bloomberg first reported on the arrest.

The DOJ claims it has "dismantled the darknet's largest marketplaces" due to those three operations over the last year. Cybercrime is a serious threat to our national security and the safety and security of individuals and businesses around the world.

Actors on the Genesis Market would engage in a range of illegal activities, including stealing personal information, financial fraud, and spreading malware. Criminals would obtain bots that would perform attacks. Upon purchasing a bot from Genesis Market, "criminals would get access to all the data harvested by it such as fingerprints, cookies, saved logins and autofill form data," Europol said. This gave criminals access to sensitive data from their victims, such as credit card numbers, social security numbers, and medical records. The cheapest bots sold for less than a dollar each but others fetched hundreds of dollars and provided access to online banking accounts.
Europol said that Genesis Market shoppers were "provided with a custom browser which would mimic the one of their victim," letting them access victims' accounts "without triggering any of the security measures from the platform the account was on. These security measures include recognizing a different log-in location, a different browser fingerprint or a different operating system." A Brian Krebs report described the Genesis offering as "a custom Web browser plugin which can load a Genesis bot profile so that the browser mimics virtually every important aspect of the victim's device, from screen size and refresh rate to the unique user agent string tied to the victim's web browser."

The DOJ said it accessed Genesis Market's user database. "The database contained the purchase and activity history on all users, which the feds say helped them uncover the true identities of many users," Krebs wrote.

The takedown of Genesis Market and the other marketplaces sends a strong message to cybercriminals that they will be caught and held accountable for their crimes.