Genesis Market, one of the largest online criminal marketplaces, has been seized by the FBI in an international operation that involved over a dozen partners.
The site, which operated on both the dark and regular web, provided a range of criminal services including stolen credentials and tools for weaponizing data.
It was linked to millions of financially motivated cyber incidents, including fraud and ransomware attacks. The Record, a cybersecurity news site, understands that a large number of arrests are being made globally.
Unlike competitors such as Russian Market or 2easy Shop, Genesis Market provided criminals access to “bots” or “browser fingerprints” that enabled them to impersonate victims’ web browsers, including IP addresses, session cookies, operating system information, and plugins.
This allowed users to bypass multi-factor authentication and access subscription platforms such as Netflix and Amazon, as well as online banking services, without triggering security warnings. Once purchased, the “bots” could be imported into a browser the criminals had developed called Genesis Security.
The bots allowed criminals to masquerade using the stolen credentials.
Genesis Market was an invite-only site, but it was discoverable through regular web search engines. As with most large-scale criminal forums, invite codes were widely available, even being offered on YouTube videos. The low barrier to access was part of the design of the criminal service, which functioned as a one-stop-shop for fraud.
Genesis even provided a Wiki explaining how it worked for new users in a bid to commoditize the fraud. The site did not have a list of third-party vendors, such as the RedLine, Vidar, Raccoon, or META infostealers listed on Russian Market.
