A notorious source of stolen credentials, genesis.market, has had its website seized by the FBI.
Security vendor Sophos has identified genesis.market as “an invitation-only marketplace” from which buyers can acquire “stolen credentials, cookies, and digital fingerprints that are gathered from compromised systems.”
Sophos described the stolen data souk as an initial access broker (IAB) – a business that compromises systems and services, steals data, and sells it. Genesis.market specialized in lifting “credentials, cookies, and digital fingerprints” and not only sold that data but offered a subscription service to provide up-to-date information on individuals it tracked.
The security firm also found Genesis offered “customer-service features that let bad actors concentrate on doing crimes, not tech” including a “polished interface with good data-correlation capabilities; effective and well-maintained tools for customers, including a robust search function; and mainstream accoutrements such as an FAQ, user support, pricing in dollars (though payment is in Bitcoin), and competent copyediting.”