Genesis Market, one of the largest criminal marketplaces in the world, may still be operational after a global law enforcement shutdown this week.
The takedown was made up of dozens of coordinated law agency raids all over the globe, including several in the UK.
200 searches were carried out globally and 120 people were arrested, BBC reported.
Coined as an “eBay for cybercriminals” the criminal marketplace was used by hackers to purchase passwords, IP addresses and all of the data that makes up someone’s digital fingerprint.
Genesis Market bots undertook large-scale infections of consumer devices to steal their cookies, saved logins and autofill form data – all of which is packaged and sold to customers on the platform.
According to the UK’s National Crime Agency (NCA), 24 people were arrested in the UK – including two men aged 34 and 36 in Grimsby, Lincolnshire.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThis information could be used by a cybercriminal to access everything from a victim’s shopping cart to their bank account, and it often cost less than $1.
However, according to evidence from an underground forum provided by cybersecurity firm Outpost 24, it seems Genesis Market may still be able to be accessed via its dark web TOR address and administrators seem to be working on new domains.
“Genesis has answered to the seizure by the FBI by migrating to a new platform, apparently they’re up and running again,” Victor Acin, head of threat intel research at Outpost24, told Verdict.
Acin added: “It’s not odd to see this kind of reaction and response; these groups typically have multiple members and unless the entire group and their infrastructure is taken down at the same time its more akin to playing a game of whack-a-mole.”
Cybersecurity firm ZeroFox backed up this claim, writing: “Although accessing the deep web version of Genesis Market displays an alleged FBI seizure announcement, the site remains accessible, stable, and functional via the TOR address.”
The response comes as experts remained cautious about the effectiveness of law enforcement’s takedown of Genesis.
“Viable alternatives to Genesis do exist, including gated sites that require a monetary deposit to use the site. It is likely that former users for Genesis will turn to these services to purchase stolen logs and credentials,” Roman Faithfull, cyber threat intelligence analyst at ReliaQuest, told Verdict.
“It is also realistically possible that threat actors will turn to purchasing or creating their own info stealers, as recommended on cybercriminal forums, until a trusted and viable Genesis alternative returns.”