In a coordinated action, the FBI and international law enforcement have seized and taken down the domain of Genesis Market, dismantling one of the most important criminal online platforms. The Genesis Market was a central hub for criminals seeking to purchase stolen credentials as well as tools to harvest such credentials. The Market was linked to millions of cyberattacks, from fraud to ransomware cases.
Since it was seized on Tuesday, April 4, 2023, the Internet domain in question has displayed a notice of seizure from the consortium of international law enforcement agencies.
The whole operation was probably codenamed Cookie Monster and was supported by the FBI, Europol, Eurojust, Australia, Canada, Germany, Poland, Sweden and other authorities. The Genesis backers maintained websites on the dark web as well as the regular web. Genesis Market acted as a one-stop shop for purchasing stolen website credentials.
The site provided cybercriminals with access to "bots" or "browser fingerprints" that allowed buyers to impersonate the victim – which included mirroring their IP addresses, session cookies, operating system information and plugins. The sales are linked to millions of financially motivated cyber incidents, from fraud to ransomware attacks, that have occurred around the world.
According to CNBC, about 350,000 bots were active in 2021, letting the perpetrators carry out attacks under the identities of their victims. CNBC is referring to this report from Netacea. According to CNBC, it is currently unclear whether the owners and administrators of Genesis can be arrested. They are likely located in Russia or a Russian-speaking region, according to Matthew Gracey, security researcher at Netacea. However, The Recorded Media here assumes that the seizure of the servers will result in a large number of arrests worldwide.
Security vendor Sophos points in the tweet above to its August 2022 analysis "Genesis Brings Polish to Stolen-Credential Marketplaces", in which the company reveals insider details about the Market.