Categories: CyberCrimeSecurity

Criminal Website Genesis ‘Still Online’ After Takedown

A dark-web version of the hacking platform Genesis Market is still online and “fully functional” a month after the mainstream version of the site was taken down in a dramatic operation last month, security experts said.

Computer security company Netacea said the international operation led by the FBI and the Netherlands to take down Genesis only disrupted the site for about two weeks.

“Taking down cyber-crime operations is a lot like dealing with weeds. If you leave any roots, they will resurface,” Netacea principal security researcher Cyril Noel-Tagoe told the BBC.

He said the administrators, darknet website and malicious software infrastructure survived the police action.

Image credit: FBI

Site update

Administrators of the criminal site have recently posted an update saying they have released a new version of their specialised hacking browser, resumed collecting data from hacked devices and added more than 2,000 new victim devices to the market.

Genesis facilitates identity fraud by providing stolen credentials for popular websites such as Amazon, eBay, Facebook, PayPal and Netflix, along with other stolen data such as cookies and IP addresses allowing users to impersonate a victim.

At the time of the April takedown the website was offering some 80 million digital profiles of more than two million potential victims.

The market is noted for its user-friendly interface, making it easy for criminals to steal services or log into users’ bank accounts and remove funds.

Image credit: NCA


The fact that the site operated on the mainstream internet made it all the easier for criminals to use.

In an interview with cybersecurity firm Recorded Future late last month, Deputy Attorney General Lisa Monaco acknowledged that the enforcement action had prioritised disrupting Genesis’ operations, rather than ensuring effective prosecutions of its operators.

“We’re going to use whatever tool we can to disrupt and prevent. What you saw here is us going after the enablers, the facilitators, the engine that allows so many people to enter into the online criminal marketplace,” she said.

She noted that Genesis had “lowered the barrier to entry for the kind of fraudster looking for easy access”.

‘Criminal trust’

The NCA told the BBC that while Genesis continues to operate on the dark web, the “volume of stolen data and users has been significantly reduced”, with “criminal trust” in the service damaged.

Genesis was previously considered one of the top three fraud websites, along with Russian Market and 2Easy.

US officials have said they believe Genesis is operated from servers based in Russia, making it more difficult to take effective action.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Must Face Trial In Ad Tech Monopoly Case

Google loses bid for summary judgement as judge says 'too many facts in dispute' as…

7 hours ago

Silicon In Focus Podcast: Feeding the Machine

Learn how your business can meet the challenges associated with managing data across multiple platforms…

7 hours ago

Apple, Meta Likely To Face EU Antitrust Charges

Apple, Facebook parent Meta reportedly likely to face EU antitrust charges before August under new…

7 hours ago

Adobe Shares Jump On AI Success

Adobe shares post biggest gains in more than four years after it reports user take-up…

8 hours ago

Winklevoss’ Gemini To Pay $50m In Crypto Fraud Settlement

Winklevoss twins' Gemini Trust to pay $50m to settle cypto fraud claims over failed Gemini…

8 hours ago

Meta Delays EU AI Launch After Privacy Complaints

Meta delays Europe launch of AI in Europe after user, privacy group complaints over plans…

9 hours ago