The operators of the popular dark web marketplace Genesis Market are looking to sell the enterprise and are advertising its source code and databases on dark web forums. The operators placed the ads on June 28, however, they only became public knowledge earlier this week.
The move to sell the marketplace comes a few months after an FBI-led global police operation called Operation Cookie Monster. The FBI seized Genesis Market’s domain names in April, and the latter’s website displayed a Bureau takedown notice.
In the days to follow, the Bureau announced it had located the market’s backend servers, and international law enforcement agencies arrested 119 criminal users.
Genesis Market’s dark web mirror site remained active even after the operation as it was outside the international police task force’s jurisdiction. However, it seems Operation Cookie Monster has damaged the operators enough to force them to sell off the enterprise.
Hacking Forum Ads Claim Genesis Darknet Platform Remains Safe to Use
The Record first reported on the hacking forum advertisements on Monday. They stated that an account appearing to have ties with Genesis Market posted several advertisements for the sale across dark web forums. In the days following the FBI’s takedown, an account with the same username claimed that the authorities only seized Genesis Market’s open web domains, and not its darknet platform.
According to The Record, the advertisements offer “all the developments, including a complete database (except for some details of the client base), source codes, scripts, with a certain agreement, as well as server infrastructure.”
However, experts believe that the FBI’s operation will turn away potential buyers despite Genesis Market being one of the biggest dark web markets.
“One may speculate that the reason to sell the platform is at least partially due to the level of attention market operators have from law enforcement,” Michele Campobasso, a researcher at the Eindhoven University of Technology, told The Record.
About the Genesis Market
The Genesis Market began operations in March 2018 and offered access to over 1.5 million compromised devices with more than 80 million account credentials. It operated a botnet of this wide network of infected devices, and also relied on browser fingerprinting to steal credentials.
The market offered potential buyers access to its botnets and browser fingerprints, which are more valuable than credentials. As long as the botnet or fingerprints remain active, the operators would have access to infected accounts and devices even after they changed their login credentials.
Additionally, the FBI points out that the Genesis Market offered a user-friendly interface. It allowed visitors to search for particular access credentials based on filters such as location, device type, and service.
“This is one of the few examples of innovation in the cybercriminal ecosystem,” said Campobasso, who carefully studied the marketplace since 2020. He also called it “a testament of the presence of expert and tech-savvy threat actors that understand market needs and manage to deliver credible attacker technology.”
If you found this article interesting and you want to know more about dark web marketplaces, we recommend reading up on how to safely get on the dark web.
We also recommend reading our guide on staying protected when accessing dark web marketplaces.
