Genesis Market

From Wikipedia, the free encyclopedia
[Image: Screenshot of the surface web homepage after FBI takeover, April 2023]
Type of business: Cybercrime-facilitation website
Available in: English
Founded: 2017
Country of origin: Russia (according to U.S. government statements)
No. of locations: 218 countries
Products: Stolen personal data, including passwords
URL: https://www.genesis.market/
Archive URL: https://web.archive.org/web/20230405125526/https://www.genesis.market/

Genesis Market was a cybercrime-facilitation website noted for its easy-to-use interface. It enabled users to spoof over two million different victims, providing access to their bank accounts.

The website was founded in 2017 and its publicly visible web operations were reportedly shut down by an international police operation in April 2023. Two weeks later the website was operational again.

The US government has stated that the website is operated from within Russia.

Description

Genesis Market was an English-language website that facilitated identity fraud using personal details, including passwords to popular websites such as Airbnb, Amazon, eBay, Facebook, Fidelity, PayPal, and Netflix.[1][2][3] The personal details used were stolen from 1.5 million computers.[4] At the time its operations were disrupted, the website had 80 million digital profiles[4] of over two million potential victims available.[5] The scope of the thefts enabled by the website is not known, but the Federal Bureau of Investigation reported US$8.7 million of cryptocurrency thefts, and stated that the total theft is estimated to be tens of millions of dollars.[4]

It was noted for its user-friendly interface and for providing users with an easy means to digitally adopt a target's identity to facilitate cybercrime. The website was used by fraudsters to impersonate target users without their knowledge and steal money from the targets' bank accounts.[1]

In 2022, it was considered one of the top three such websites, the other two being Russian Market and 2Easy.[6]

United States Secretary of State Antony Blinken stated that the website is operated from within Russia.[4]

Genesis Market was known for selling persistent access to victims' computers. When a victim changed a password, the info-stealer malware would send the updated password to Genesis Market. The National Police Corps (Netherlands) worked together with Trellix and Computest to analyse the Danabot malware and to share the unique elements of the infection with VirusTotal and Microsoft to create antivirus software for this specific infection.[7][8][9]

The National Police Corps (Netherlands) also launched a service called 'CheckYourHack' to check if an e-mail address was listed on Genesis Market. If it was, this service would provide a victim with an e-mail message containing advice on how to mitigate their vulnerabilities.[10]

History

Genesis Market was launched in beta form in 2017.[11]

In December 2020, the Federal Bureau of Investigation, in collaboration with another unnamed national law enforcement agency, copied Genesis Market's server data, capturing user data of the site's 33,000 users in the process.[4]

In May 2021, the website provided 374,401 target profiles in 218 countries.[11]

The Federal Bureau of Investigation shut down the website's surface web domains in April 2023 as part of the international law enforcement operation known as Operation Cookie Monster.[1][12] This international operation was led by the U.S. Federal Bureau of Investigation (FBI) and the Dutch National Police (Politie), with a command post set up at Europol’s headquarters on the action day to coordinate the different enforcement measures being carried out across the globe. The law enforcement operation involved seventeen countries, including the British, Australian, Canadian, Spanish, Italian, German, Swedish, Polish, Danish, and Romanian police forces.[13][5] After the website was shut down, 119 people were arrested and 208 properties were searched as part of the collaborative international police actions.[4]

Within two weeks of the shutdown, a mirror[14] of the website was fully functioning on the dark web.[15]

References

  1. "Genesis Market: Popular cybercrime website shut down by police". BBC News. 2023-04-05. Archived from the original on 2023-04-05. Retrieved 2023-04-05.
  2. "ФБР захватило один из центров киберпреступников Genesis Market" [FBI seized one of the cybercriminal hubs, Genesis Market]. dev.by (in Russian). Archived from the original on 2023-04-05. Retrieved 2023-04-05.
  3. Goswami, Rohan. "Cybercrime marketplace Genesis Market shut by FBI, international law enforcement". CNBC. Archived from the original on 2023-04-06. Retrieved 2023-04-06.
  4. Hardcastle, Jessica Lyons. "International cops put the squeeze on Genesis Market users". www.theregister.com. Archived from the original on 2023-04-06. Retrieved 2023-04-08.
  5. "Notorious cybercrime forum taken down in international operation". Al Jazeera. Archived from the original on 2023-04-07. Retrieved 2023-04-07.
  6. "Stolen data of 600,000 Indians sold on bot markets so far - study". Reuters. 2022-12-08. Archived from the original on 2022-12-15. Retrieved 2023-04-05.
  7. "Archived copy". Archived from the original on 2024-05-21. Retrieved 2024-07-17.
  8. https://www.trellix.com/blogs/research/genesis-market-no-longer-feeds-the-evil-cookie-monster/
  9. "Archived copy". Archived from the original on 2024-07-18. Retrieved 2024-07-17.
  10. https://www.politie.nl/en/information/checkyourhack.html
  11. "Inside look at the Genesis Market, a cybercriminal market". Security Magazine. www.securitymagazine.com. 6 May 2021. Archived from the original on 2023-01-17. Retrieved 2023-04-05.
  12. Lyngaas, Sean (2023-04-04). "'Operation Cookie Monster': FBI seizes popular cybercrime forum used for large-scale identity theft". CNN. Archived from the original on 2023-04-05. Retrieved 2023-04-05.
  13. Holden, Michael; Pearson, James (2023-04-05). "'Operation Cookie Monster': International police action seizes dark web market". Reuters. Archived from the original on 2023-04-05. Retrieved 2023-04-05.
  14. "Suspicion stalks Genesis Market's competitors following FBI takedown". therecord.media. Archived from the original on 2023-05-26. Retrieved 2023-05-26.
  15. "Hacker marketplace still active despite police 'takedown' claim". BBC News. 2023-05-12. Retrieved 2023-05-26.