A new cybercrime marketplace has been found on the darknet. This new marketplace called “Genesis” is unlike any other in the hacking scene. This new service launched in the fall of 2018 and is being advertised as a secondary/related service on carding forums where hackers sell payment information. The main product being sold is the victim’s full digital profile. Attackers gather this information by tricking users to install false browser extensions which record the account passwords and full browser details. Once sufficient information has been recorded it sends the information to the Genesis operators. User profiles include, but are not limited to, browser history, online banking services information, file-sharing, payment portals, and social media profiles. The operators of Genesis profit from the sale of the complete user profile and it can cost an attacker anywhere from $5-$200 in cryptocurrency, depending on the user’s information. Then the attacker can log into the user’s accounts and attempt to steal money, photos, sensitive documents or create false paperwork to submit to federal agencies like the IRS.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased