FBI: Genesis Market shut down, dozens arrested

Several domain names linked to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of infected computers, were seized today by the Federal Bureau of Investigation (FBI).

Πηγές they reported to KrebsOnsecurity that the domain seizures coincided with "dozens" of arrests in the United States and Europe targeting those who allegedly operated the service, as well as the suppliers who were constantly feeding Genesis Market with new stolen data.

The market has been active since 2018, and its slogan was “Our store sells bots with logs, cookies and real fingerprints”.

As of today, the homepages of the infected domains and the online marketplace have been replaced with a seizure warning from the FBI, stating that the domains were seized pursuant to a warrant issued by the US District Court for the Eastern District of Wisconsin.

Law enforcement agencies in the United States, Canada and across Europe are currently serving arrest warrants for dozens of people believed to have supported Genesis, either by maintaining the site or selling bot logs from infected systems. The seizure announcement said it was made by various law enforcement agencies from Australia, Canada, Denmark, Germany, the Netherlands, Spain, Sweden and the United Kingdom.

One feature of Genesis that differentiated it from other bot stores is that customers could maintain access to infected systems in real time. So even if the legitimate owner of an infected system created a new account online, the new credentials were immediately displayed in the web-based panel of the Genesis client.

"While some malware is designed to remove itself after an attack, there are others that create permanent access," says cybersecurity firm SpyCloud.

“This means that attackers have access to the data as long as the device remains infected, even if the user changes their passwords.

SpyCloud reports that Genesis Market had more than 430.000 stolen identities for sale early last year and that there are many other markets like it.

