DOJ announces seizure of cybercrime marketplace Genesis while Treasury issues sanctions

[ad_1]

U.S. Secretary of the Treasury Janet Yellen delivers opening remarks during an event highlighting “anti-corruption work as a cornerstone of a fair, accountable, and democratic economy” as part of the 2023 Summit for Democracy at the Treasury Department on March 28, 2023 in Washington, DC.

Alex Wong | Getty Images

WASHINGTON — The Justice Department confirmed on Wednesday it had seized the Russia-linked online criminal marketplace Genesis Market, working in conjunction with international law enforcement and the Treasury Department.

The Treasury Department’s Office of Foreign Assets Control also sanctioned Genesis , a “darknet” market, for illicit activities related to the theft and sale of device credentials and other sensitive data. CNBC previously reported that Genesis’ domain names had been taken down and replaced with a seizure notice from the FBI.

The announcements from Justice and Treasury came a day after the FBI and a consortium of international law enforcement authorities shut down Genesis Market.

“Our seizure of Genesis Market should serve as a warning to cybercriminals who operate or use these criminal marketplaces: the Justice Department and our international partners will shut down your illegal activities, find you, and bring you to justice,” Attorney General Merrick Garland said in a statement.

Genesis Market was a sophisticated marketplace that was stocked with stolen digital identities, allowing bad actors to impersonate customers at companies such as Amazon, Coinbase or Fidelity. The stolen identities, called “bots,” were lifted from infected computers and could fetch as much as $450 per bot, cybersecurity expert Matthew Gracey-McMinn told CNBC.

The international marketplace steals private information from victims’ devices and offers it for sale, Treasury said in a release Wednesday. Genesis’ users were located around the world, the Justice Department said.

The OFAC designation comes as part of a larger push against Genesis specifically. Records show that Genesis domain names were linked to nameservers in Russia and in China, two nations that have been named as loci for state-sponsored hacking. Treasury said it believes Genesis to be located in Russia, but said its illicit practices are spread globally.

“Today’s takedown of Genesis Market is a demonstration of the FBI’s commitment to disrupting and dismantling key services used by criminals to facilitate cybercrime,” FBI Director Christopher Wray said in a statement.

The market capitalizes on malware-infected computer systems to compile stolen private data, such as mobile device identifiers, email addresses, usernames and passwords to sell to cybercriminals, according to Treasury. Genesis also sells unauthorized access to computer systems.

Approximately 460,000 packages of stolen private information were listed for sale on the marketplace as of Feb. 1, according to the Treasury.

“The United States, along with our international partners, will not allow illicit marketplaces to operate with impunity,” Brian E. Nelson, undersecretary of the Treasury for Terrorism and Financial Intelligence, said in a release. “Treasury will continue to work closely with our law enforcement colleagues to disrupt this activity and hold malign cyber actors accountable.”

The action was taken in conjunction with a dozen other countries that are taking law enforcement proceedings against Genesis and seizing website domains tied to the market.

This is a developing story. Please check back for updates.

Chelsey Cox reported from Washington, and Rohan Goswami reported from Englewood Cliffs, N.J.

[ad_2]

Source link