What is Genesis Market? How to Protect Your Online Accounts

Suspicious man selling folders hidden in his coat
Click here for a summary!
What is Genesis Market? A Quick Summary

The Genesis Market sells hacked personal accounts. One scroll through the platform will reveal thousands of stolen Facebook, Netflix, Instagram, and even PayPal accounts. The information is obtained with botnets, and it’s disturbingly easy to access. Genesis equips its buyers with the tools needed to overcome simple security fail safes.

This is the best way to keep your data from ending up in a place like Genesis Market:

  1. Install the best antivirus. In our book, that’s Kaspersky antivirus. It has effective protection against malware, easy-to-use software, and extra payment protection. If you want to get it now, check it out here.
  2. Use a VPN. This will secure your network and help keep your identity private. If you’re looking for a good option, we recommend NordVPN.
  3. Subscribe to a password manager. There are many decent free password managers, like the free version of NordPass, that help you keep your passwords secure and strong.

For more information about how the Genesis Market operates, and how you can protect yourself, keep reading our article below.

The Genesis Market is a credentials marketplace where criminals can purchase account bundles. These bundles contain login information to personal accounts. They vary in price from a few dollars for a Netflix, Amazon, or Facebook account, to hundreds of dollars for complete digital identities, including bank account information.

The login information available on Genesis is harvested with special bots. Buyers of these bots get access to technology that helps them use account login details whenever they want. This means Genesis buyers can access an account without triggering security measures from the platform an account is on. Since it’s able to perform this service, Genesis is different from other (black) markets — and a potential danger to many.

Botnets and Browser Fingerprints: The Tech Behind Genesis Market

If someone hacks your Facebook password through brute force and tries to log into your account, Facebook won’t let them. They’ll recognize a different browser fingerprint, a different location, or other operating system details. If you have multi-factor authentication active, that will stop the breach.

To bypass anti-fraud solutions like this one, hackers use an invasive trick that copies your browser fingerprint. Before we dive into that, however, it’s important to understand how hackers use botnets to gather and sell your data on the Genesis Market.

Botnets are networks of computers infected with malware. They’re all controlled from afar by a “botmaster” and the owners of the compromised computers are likely unaware of what’s happening. First, a hacker (the “botmaster”) creates the malware that will infect your computer and extrapolate account login details. Then, they package all of it in a bot: a program that can act on its own once it’s inside your computer.

Botnets infographic, Botmaster controlling infected devices

Once a device is infected, the bot can start gathering data. In the case of Genesis Market, bots usually steal banking details and email logins to services like Netflix, Amazon, Facebook, YouTube, PayPal, Steam, or other online accounts.

How do Genesis Market bots work?

When criminals buy identities from the Genesis marketplace, they get access to the bot that infected a victim’s computer. They get all the data harvested at that moment, and any data the bot may get in the future.

For example, if hackers infect a shared work computer with a Genesis bot, and a new user logs into their accounts from that computer, the bot will update. The new data will be added to the bot at no additional cost to the person who initially purchased it from Genesis.

So what about bypassing those security measures? On the Genesis Market, cybercriminals can create browser fingerprints to mimic a browser. If they do this, their login attempt won’t be considered suspicious by the service, meaning you won’t be prompted.

To use the stolen data, Genesis offers two applications:

  • Genesis Security Plugin: this is a regular plugin that people can add to their browser. With it, they can use the data purchased on Genesis anonymously.
  • Genesium Browser: for added security, criminals can use this Chromium-based browser that was built specifically for Genesis Market users. It comes with the Genesis Security Plugin already installed.

To summarize: whenever someone buys a bot from Genesis, they get access to stolen personal information, and the means to use it. If your computer is part of a botnet, your data is constantly at risk. This is what makes Genesis so dangerous.

So how can you protect yourself from the dangers of markets like Genesis?

How to Make Sure Your Data Doesn’t End Up on Genesis Market

Hackers use a variety of methods to infect a device and add it to a botnet. These include phishing attacks, man-in-the-middle attacks, and any other attempts to get malware on your computer.

The safest way to protect your data is to not allow that software to make its way onto your device. Here are a few tips on how to do that:

Infographic showing steps to make sure your data does not end up on the genesis market and become compromised

  1. Use an up-to-date antivirus program. This type of software can identify malware and stop it from infecting your computer. We highly recommend Kaspersky:
    Visit Kaspersky
  2. Connect to a VPN. This will encrypt your connection and keep you safe and anonymous while online. Your IP address will be hidden and all of your data will be protected, making it a lot harder for any type of hacker to get access to your information. A good VPN provider to consider is NordVPN.
  3. Don’t click on unknown links. As an extension of that, don’t open dodgy websites and don’t share your credentials with anyone. Read our eight simple steps to stay safe online to find out more.
  4. Install a password manager. This type of software will keep your credentials protected and help you create unique and strong passwords. We recommend a paid version for maximum security and usability. If that isn’t for you, don’t worry. There are several excellent free password managers you can use instead. We’d personally recommend NordPass, which has both a nice free version and a fantastic premium package.

How to Tell Whether Your Data Was Stolen

It’s not always easy to tell whether you’ve become the victim of a Genesis Market sale. There are two kinds of ways you can find out, however. One focuses on identifying when your computer is part of a botnet, while the other looks at odd behavior on your accounts.

If your data was not sold or made public yet, your digital life can continue as normal for months. Meanwhile, trouble is brewing on your hard drive. Here are some telltale signs that your computer might be part of a botnet:

  • Your powerful antivirus program tells you so. A good antivirus program can identify malware, including bots, and protect you from them.
  • You have a slow internet connection. If your computer is part of a botnet, your internet connection may suffer. This is because hackers use botnets to spam other networks, taxing your bandwidth in the process. Do make sure your slow connection isn’t due to some other factor, like a slow server or a high volume of traffic due to, for example, torrenting.
  • Some applications won’t close. Bots like the ones used to harvest data for Genesis will prevent you from closing the applications they infected.
  • You can’t update your OS. This is a telltale sign of botnet infestation, because the most popular operating system updates also contain malware protection features. An effective botnet will stop OS updates to prevent being caught.
  • You experience random computer shutdowns. Botnets will usually shut down computers when they’re active, so if this happens without reason, especially in combination with other signs, you might want to make sure your device hasn’t been added to a botnet.

If you fear your login data has already been shared and sold on Genesis Market, here are some signs to keep an eye on:

  • Weird recommendations on your Netflix feed: If someone else is using your account, the news feed will change based on their preferences, as well as yours.
  • Access from unexpected locations: If a device is signed in to your Facebook account from a different country, that’s a good indicator that hackers have compromised your account. Do keep in mind that, if you use a VPN, your own activity could be seen as an unusual login attempt as well.
  • Messages on social media that you didn’t post yourself: If you see posts or messages on your social media, written in your name, that weren’t actually written by you, a hacker might have gained control of your account via a bot — although this could also be due to a regular account hack.
  • Other suspicious account activity: Any other kind of strange activity that cannot be explained otherwise, could be a sign of someone accessing your accounts after buying access on Genesis Market.

Your Computer is Part of a Botnet: Now What?

If your computer has been turned into a bot, it’s vital to fix that situation as quickly as possible. Unfortunately, it can be a struggle to get your computer back under your full control again. Here’s a step-by-step guide on how to uninstall malware, including bots:

Infographic showing what to do if your computer becomes a part of a botnet

  1. Don’t log in to your accounts! If you do, the hacker with access to your computer can gather that information and sell it on Genesis Market. Protect as much data as possible by not using it while your computer is infected by a bot.
  2. Disconnect from the internet. The sooner you do this, the better. If your bot isn’t connected to the internet, it can’t send on information about your accounts or endanger your network.
  3. Open your computer’s safe mode. If you don’t know how to do that, here are easy guides that show you how to do that on Windows and Mac.
  4. Delete temporary files. On Windows, search for “Disk Cleanup” and select drive “C:” to clean. On Mac, open your library and clear the cache.
  5. Run your antivirus program. In most cases, your antivirus will catch the malware once you run a scan. If it doesn’t, and you come across a suspicious file — one with a process that can’t be turned off, for example — then you can assume that’s the dangerous software.
  6. Remove the malware. Your antivirus software will give you the option to delete the malware. Safe mode should prevent viruses from protecting themselves against deletion. There are rare occasions when that doesn’t work, however. If that’s the case for you, try to remove it manually. If it doesn’t work, contact a local computer specialist.

After following the steps above, your data should be safe, as your computer is no longer part of the botnet. However, the bot might already have stolen your credentials. That’s why you need to secure your accounts.

How to Secure Your Accounts After a Genesis Market Leak

If there has been any suspicious activity on your socials, chances are your data has already been sold on Genesis Market. Once you’ve made sure your computer is no longer under a stranger’s control, you can protect your accounts with these steps:

  1. Change your password for all of your accounts. Make sure it’s a secure password. that you don’t use for any other website. You can even use a password manager to create a strong password for you.
  2. Log out other users and devices if the platform has an option to do this. For example, Facebook lets you disconnect any devices logged into your account. Go to “Settings” and then “Security and login” on the left hand side. This will display all the devices connected to your account. You can log out of all of them after you change your password, or just log out of individual ones.

Screenshot of a Facebook account, Settings, Security and login section

Logged out of your accounts?

If hackers managed to lock you out of your accounts by changing your passwords, you can try to contact the platform your account was on. Their customer support might be able to give you access again. Unfortunately, there aren’t any guarantees here. Depending on the platform and the country you live in, you might not even have a live support number to call.

If you can’t recover a social media account, you might at least want the account to be taken down. In that case, ask your friends, family, and other acquaintances to report the account. On most platforms, a community moderator will then check the situation and delete the account if they think it necessary.

Breach of bank access credentials

If, in the worst-case scenario, your bank access credentials were stolen, contact your bank immediately. They should be able to verify your identity remotely and freeze your accounts for you. This can help mitigate further losses, but it might be hard to get your lost funds back.

That’s why prevention is always key in dealing with cybercrime, especially when it comes to safe online banking. Get a strong antivirus program, a good VPN, and a password manager. With hacking on the rise, that is the safest way to protect your digital identity.

What to do when you’ve become a victim of identity theft

If your entire identity was stolen, you should contact the authorities immediately. Here are some steps to follow to mitigate the impacts of identity theft:

Infographic showing what to do when you become a victim of identity theft

  1. Get in touch with your local police department. While a Genesis Market hacker is unlikely to live in your vicinity, it’s the closest authority you can work with to get your case started.
  2. Secure your online accounts. Change your passwords and log out other users. Once again, make sure to do this only after the bot has been removed, or your new passwords will be sent on to the hacker straight away.
  3. Notify relevant stakeholders. Your employer, bank, insurance company, and any other important third parties should be aware of your identity theft situation. If a hacker has access to sensitive personal information, they can use it to impersonate you in interactions with these parties.
  4. Freeze any credit line or bank accounts. It won’t get your money back, but it can prevent further losses.
  5. Report the theft to the FTC if you live in the US.

Read our article “What is Identity Theft and How Did it Become Such a Big Problem?” for more information about identity theft, the dangers, and what to do if you’ve become a victim.

What Makes Genesis Market So Dangerous?

What Genesis Market does, is nothing new. The buying and selling of stolen data is a sad reality of the digital underworld, and it has been like that for years. Even traffic with special bots is something that a lot of other marketplaces engage in. It’s something else that makes Genesis Market so popular.

The Genesis marketplace gained prominence thanks to its accessibility. It’s available on both the dark web and the surface web, and it has an attractive design. This is a change of pace compared to the dark web equivalents of Genesis.

The worryingly smooth interface of Genesis Market

When most people think of “stolen identity traffic online” they probably imagine a dingy website on the dark web that only experienced hackers can access. The Genesis Market is far from that. It has a modern, bright design, and it’s easy to navigate. If you didn’t know what it was advertising, you could mistake it for a legitimate e-commerce marketplace. And that’s what makes Genesis so dangerous.

Genesis Market

Users of the Genesis Market can browse bots containing stolen usernames and passwords like they would regular software or kitchen supplies. It’s quite jarring to scroll through the Genesis Market and see digital identities being sold like they’re simple 1s and 0s.

A low barrier of entry

New Genesis users need an invitation to sign up, but that invite is not as hard to get as you might expect. There are many users on various forums, and even on YouTube, advertising Genesis invites. From our research, the price varies between $10-35 paid in Bitcoin.

With an invitation secured, people have to go through a simple sign-up process. This makes it easy for cybercriminals to access hundreds of thousands of bots with stolen credentials.

Suffice it to say, a cybercriminal’s job is made very easy by Genesis Market. That’s what makes this platform a truly global concern. Genesis is posing as a legitimate marketplace, but, in reality, it’s promoting and facilitating cybercrime for financial gain. It’s not a platform to buy bots on a hypothetical user’s computer. It’s a market where criminals can purchase the digital identities of real people. All of this can have real and devastating consequences for people’s lives.

The Genesis Market: Frequently Asked Questions

The Genesis Market is a disturbing reality of the digital world. If our article didn’t address everything you wanted to know, feel free to check the FAQ below.

Genesis Market is a “legit” marketplace, meaning people can actually purchase stolen account credentials on it. However, it’s also illegal and extremely dangerous. If you want to find out more about Genesis Market and how to protect yourself online, read our article “What is Genesis Market?” here.

Genesis Market is the farthest thing from safe. It’s an online marketplace for stolen account details, and a catalyst for cybercrime, identity theft, and privacy violations.

Unfortunately, the platform takes several security measures to protect its buyers while they’re partaking in illegal business. Genesis Market even offers apps that allow cybercriminals to use the purchased credentials safely, making the platform all the more dangerous for (potential) victims.

If you want to find out how you can protect your data, read our entire piece on the Genesis Market.

Genesis Market sells bots that contain stolen account credentials to online services. From Netflix and Facebook to PayPal, the Genesis Market bots will give its buyer access to other people’s accounts. On top of the credentials themselves, the Genesis Market also offers tools to help cybercriminals access these accounts.

Tech writer
Theodor is a content writer passionate about the newest tech developments and content marketing strategies. He likes privacy-friendly software, SEO tools, and when he's not writing, he's trying to convince people they should uninstall TikTok.