The Cyber Express

Genesis Market, Down But Not Out

Credentials from info-stealer logs are too lucrative a vector for threat actors to leave just like that, researchers told The Cyber Express

by Chandu Gopalakrishnan
April 8, 2023
in Cybersecurity News

It has been barely two days since the invite-only website of the notorious cybercriminal marketplace Genesis Market was shut down. However, researchers have warned that the infrastructure is still there and it’s only a matter of time before a replacement pops up.

Threat intelligence analyst Dominic Alvieri tweeted on Thursday about the Genesis infrastructure remaining active, sharing a screenshot of a log-in window. He confirmed this to The Cyber Express.

Genesis Market infra still active.

/genesis7… https://t.co/RUNfrdc2Wi pic.twitter.com/m9kxccP5Ua

— Dominic Alvieri (@AlvieriD) April 6, 2023

“One backend onion sign in is still live, which I posted. I checked again. It is still live. The domain address begins with /genesis7,” he told The Cyber Express.

“While the takedown of clear web Genesis market domains and arrests of its users is important in reducing the market’s popularity and deterring future buyers,” Alon Gal, Co-founder and CTO of Israel-based cybersecurity firm Hudson Rock, told The Cyber Express.

Credentials from info-stealer logs are too lucrative a vector for threat actors to leave just like that, he said.

“It is important to note that the dark web infrastructure of Genesis is still available as of now.”

Genesis market, down but not out

Genesis market was a prominent initial access broker (IAB) in the cybercrime world, offering easy access to the type of system sought by ransomware actors who attacked computer networks globally.

The site is only accessible to users with an invitation code. However, obtaining an invitation code is relatively easy as members who spend $20 on the site can generate one, Gal wrote in his assessment of Genesis market.

In 2020, the platform offered users access to the logs of over 230,000 infected computers, including 20,000 from the United States. Users can filter results by country, infection date, IP range, and browsing history to target specific victims, Gal wrote.

On April 5, 2023, law enforcement officials announced the closure of the Genesis market and the arrest of more than 120 individuals connected to the illegal online marketplace.

Even with the network seized and operators arrested by law enforcement, threat actors will not simply admit defeat, Gal observed.

“First they will shift their operations to support direct sales of info-stealer logs through Telegram, XMPP, forums and so on, and eventually open a new bazaar,” he said.

Alvieri’s tweet confirms such a move but has also raised doubts about whether the existing domain is a honeypot to catch opportunistic criminals.

“It is unclear at this moment whether the login is a honeypot or not,” Alvieri said.

“However, I do believe not all the members were arrested. A few of the leaders appear to know security and have hidden their ID well,” he pointed out.

Genesis market and the coordinated global action

“An unprecedented law enforcement operation involving 17 countries has resulted in the takedown of Genesis Market, one of the most dangerous marketplaces selling stolen account credentials to hackers worldwide,” announced Europol.

“As a result of an action day on 4 April, this illegal service was shut down and its infrastructure seized.”

The FBI led the global operation, with the assistance of police and law enforcement agencies in the UK, Italy, Australia, Canada, Romania, France, Spain, Germany, Sweden, Poland, Holland, Finland, Switzerland, Estonia, Iceland, New Zealand Police, and Europol.

Genesis market has been providing access to stolen data from more than 1.5 million compromised computers worldwide since March 2018, said a US Department of Justice press release.

Over 80 million account access credentials have been advertised for sale, including those belonging to the financial sector, critical infrastructure, and various government agencies.

“The total number of Australian victims is still being calculated but investigators have identified 36,000 compromised Australian devices available for sale on Genesis market,” said an Australian Federal Police (AFP) announcement.

“More than 600 reports to ReportCyber that matches stolen information available on Genesis market,” it added.

The AFP and its regional partners executed 24 search warrants, with 10 arrested in three Australian states, including a Victorian man who is reportedly the most prolific purchaser of compromised information in the country.

“Operational activity will continue over the coming weeks and further arrests are anticipated. Don’t think that because we haven’t knocked on your door yet, we won’t be at all,” the AFP

Genesis was known to be a hub for the sale of illicit drugs, stolen data, and other illegal goods and services. The Dutch Police have developed a portal to help determine whether the personal details of their citizens have been compromised.

Genesis market had the potential to cause $46 million in harm to the Australian community through the sale of stolen Australian credentials and access to compromised Australian devices, said AFP Assistant Commissioner Cyber Command Scott Lee.

The website was only accessible through the use of specialized software designed to obscure users’ identities and locations, making it a popular destination for criminals seeking anonymity.

“If you used this website to purchase stolen information in the belief that you’re anonymous or that police don’t take it seriously, you are mistaken. This operation proves we are committed to stamping out cybercrime at every level,” Lee said in the AFP statement.

Chandu Gopalakrishnan

Executive Editor, The Cyber Express
