Genesis Store, an invite-only marketplace on the dark web, is offering more than 60,000 stolen profiles. The credentials on sale include credit card details, browser fingerprints, usernames and passwords.The market is charging between $5 and $200 for the stolen data. According to Genesis Store operators, a unique algorithm automatically calculates the prices for these details.
The level of importance carried by the stolen data determines their value on the market. Online banking profiles, for instance, are quite expensive.
Cybersecurity firm Kaspersky Lab was behind the investigations that led to this discovery.
Genesis Store is a major marketplace for stolen credentials.
The platform provides a chance for its users to choose the specific credentials they need by including the specifications of the stolen data.
The users can select such information as the name of the website, the country in which the victim lives as well as the date the profile launched in the market.
The hacking process includes sending malware to the victims’ accounts, which automatically collects cookies, logins and passwords.
According to the report from Kaspersky researchers, users of Genesis Store use a unique .crx plugin for Chromium-based browsers.
The plugin makes it easy for the customers to install the stolen profiles.
According to Kaspersky, the buyers of this data can easily use it to impersonate their victims.
They only need to use their victims’ IP addresses to get around the verification mechanisms of the anti-fraud systems.
Besides, the market allows customers to come up with unique fingerprints which allow them to use stolen bank card data when visiting online stores.
These fingerprints also help them get past the anti-fraud verification systems.
An Advanced Browser for Cybercriminals
Furthermore, Kaspersky researchers disclosed that the market offers its customers Tenebris Linken Sphere, a browser that allows them to use stolen details and bypass the anti-fraud systems.
The Tenebris Linken Sphere is more advanced than the Genesis plugin.
This browser has superior fingerprint configuration along with automatic validity testing for the proxy server.
Further, the Tenebris Linken Sphere has a user activity emulator which gives hackers the power to program the browser to open the websites they want and stay online for as long as they wish.
Therefore, hackers can manipulate the behavior analysis modules of the anti-fraud systems.
Kaspersky also reported that the Tenebris Linken Sphere has an alternative marketplace from which customers can get unique fingerprints and use them on the browser.
Members of Genesis Store can subscribe to the Tenebris Linken Sphere for $100 per month. For those who need unique fingerprints, the subscription fee is $500 per month.
Digital Mask Anti-Fraud Technique
According to experts at Kaspersky, the Genesis Store has found a way to abuse the digital mask anti-fraud technique, which verifies customer profiles based on the device they are using and their behavioral traits.
Once a user enters their personal, financial and payment details, the anti-fraud verification system matches the person against the digital mask.
There is a unique mask for each user, which identifies the fingerprints on the browsers and devices that the customer often uses.
The digital mask uses machine learning and advanced analytics to identify the customers’ cookies, source computer and online behavior.
The anti-fraud teams only approve transactions once they determine that the person online is the actual user.
If they notice something suspicious with the bank card, they can either cancel the transaction or forward it for further assessment.
Kaspersky, however, discovered that cybercriminals have found a way to duplicate the digital masks.
These hackers use digital doppelgangers to log into their victims’ accounts without the anti-fraud systems detecting them.
The Spread of Cybercrime
The existence of the Genesis Store and the Tenebris Linken Sphere has made cybercrime a severe issue to fight.
With just enough cash, cybercriminals can get access to all kinds of online credentials.
According to estimates from last year, the losses from ecommerce, banking services, airline ticketing and money transfers due to online fraud were set to hit $22 billion in 2018.
If these crimes continue at their present rate, the total losses by 2023 will be around $48 million.
Kaspersky warned that the departments in charge of security in financial entities need to be more vigilant in preventing cyberattacks.
These companies should upgrade their verification systems by adopting additional two-factor authentication for all bank card transactions even when the protection systems view online profiles as legitimate.
They also suggested that organizations should use the most advanced analytics for customer behavior.
Integrating threat intelligence feeds into their security controls can help them prepare adequately for future attacks and access updated threat data.
Kaspersky experts noted that despite the inconvenience that comes with two-factor authentication, it is still the safest option for online banking.