FBI (and Others) Shut Down Genesis Market

Genesis Market is shut down:

Active since 2018, Genesis Market’s slogan was, “Our store sells bots with logs, cookies, and their real fingerprints.” Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials.

But earlier today, multiple domains associated with Genesis had their homepages replaced with a seizure notice from the FBI, which said the domains were seized pursuant to a warrant issued by the U.S. District Court for the Eastern District of Wisconsin.

The U.S. Attorney’s Office for the Eastern District of Wisconsin did not respond to requests for comment. The FBI declined to comment.

But sources close to the investigation tell KrebsOnSecurity that law enforcement agencies in the United States, Canada and across Europe are currently serving arrest warrants on dozens of individuals thought to support Genesis, either by maintaining the site or selling the service bot logs from infected systems.

The seizure notice includes the seals of law enforcement entities from several countries, including Australia, Canada, Denmark, Germany, the Netherlands, Spain, Sweden and the United Kingdom.

Slashdot story.

Posted on April 5, 2023 at 11:55 AM2 Comments


Mike and one letter April 5, 2023 7:12 PM

Perhaps some people are now learning what “real fingerprints” meant long ago.

vas pup April 7, 2023 3:41 PM

NYT: US obtained hacking tool in 2021 from NSO group after it was blacklisted


“The United States signed a secret contract with Israeli spyware firm NSO group to acquire an infamous phone hacking tool in 2021, shortly after it blacklisted the company, according to a New York Times report on Sunday.

According to The Times, the contract was signed on November 8 between a company called “Cleopatra Holdings” (in reality a US government contractor, Riva Networks) and NSO’s American affiliate, to acquire a geolocation tool that can secretly trail an individual’s mobile phone without their knowledge or consent.

!!!However, the contract explicitly states that the US government would be the user of the software, though it was unclear which government agency would utilize it. The documents state that it was authorized to “test, evaluate, and even !!! deploy the spyware against targets of its choice in Mexico,” The Times wrote.

Only five days before the contract was signed, President Joe Biden’s administration blacklisted the Israeli firm, accusing it of providing spyware software to authoritarian governments which activated the software against journalists and activists.

The report comes a week after Biden signed an executive order pledging to restrict its use of such commercial spyware tools.

White House officials told The Times they had no knowledge of the contract, but said it was “highly concerning.”

The Pegasus software, perhaps the best-known example of spyware from NSO, was used to target more than 1,000 people across 50 countries, according to security researchers and a July 2021 global media investigation, citing a list of more than 50,000 cellphone numbers. The US has already placed export limits on NSO Group, !!! restricting the company’s access to US components and technology.

===>Officials would not say if US law enforcement and intelligence agencies currently use any commercial spyware.

!!! The FBI last year confirmed it had purchased NSO Group’s Pegasus tool “for product testing and evaluation only,” and not for operational purposes.”*

*Per one former FBI Agent statement [on Dan Bongino show couple months ago] FBI developed utilizing Pegasus own spyware Phantom with similar functions.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.