A new cybercrime marketplace has emerged on the dark web and is unlike anything seen before. Dubbed Genesis, it is currently selling the digital footprints of over 60,000 users.
These users have been infected in the past with malware or have installed rogue browser extensions. As a result, they have unknowingly had their account passwords and full browser details recorded and then sent to Genesis operators.
- Each user profile includes login credentials for accounts on online payment portals, e-banking services, file-sharing or social networking services and the cookies associated with these accounts, browser user-agent details, HTML5 canvas fingerprints and other browser and PC details.
- Together this information comprises a full digital identity. It enables a cyber-crook to imitate a real account owner and in the process fool some modern anti-fraud systems used with online payment and e-banking services.
- A fraudster then just needs to log in to a user’s account and they can steal money, photos, and personal documents and impersonate the victim on other websites.
The Genesis marketplace is selling these digital identities to other cyber-criminal groups who largely engage in online fraud and identity theft. The digital identities are being sold for prices ranging from $5 to $200.
- To activate and use the information, crooks have to install a Chrome extension that has been created by the Genesis team.
- The extension is provided free by Genesis and it automatically imports the digital identity so the fraudsters have a near-identical clone of the real user's browser.
Browser data is a goldmine for hackers
The data collected by a browser reveals a staggering amount of information. As soon as you go online, you start reporting an IP address, which is your entry point to the internet. This can be used to approximate your physical location.
Your browser also reports its name, so sites know which type of browser you are running, as well as information about the computer system it’s running on, including the operating system, the CPU and GPU models, display resolution and even the current battery level if you’re using a laptop, tablet, or phone.
Browsers also hold cookies, which are little files that act as markers to identify you. Like breadcrumbs in a forest, they tell a site that you’ve been there before.
Some online services have improved their anti-fraud systems so they can detect abnormal account login activity by looking at digital footprint details rather than a username and password. This is why the theft of this information and its sale on Genesis is so alarming.
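An added example (not from the original article) of the kind of check described above: a footprint-only comparison accepts a cloned profile, while extra signals such as network origin and concurrent cookie use still flag it. All names, fields and sample values are constructed, and it assumes the cloned browser connects from a different network than the account owner.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Login:
    user_agent: str
    canvas_hash: str     # HTML5 canvas fingerprint, stored as a hash
    resolution: str
    session_cookie: str
    ip: str
    country: str         # assumed to come from an upstream geo-IP lookup

# Browser details that a cloned profile reproduces exactly
FOOTPRINT_FIELDS = ("user_agent", "canvas_hash", "resolution")

def footprint_matches(known, attempt):
    """Footprint-only check: true whenever the browser details are identical."""
    return all(getattr(known, f) == getattr(attempt, f) for f in FOOTPRINT_FIELDS)

def risk_signals(known, attempt, active_sessions):
    """Return reasons to require step-up authentication (empty list = low risk).

    active_sessions maps a session cookie to the IP it is currently live on.
    """
    signals = []
    if not footprint_matches(known, attempt):
        signals.append("footprint_changed")
    if attempt.country != known.country:
        signals.append("new_country")
    live_ip = active_sessions.get(attempt.session_cookie)
    if live_ip is not None and live_ip != attempt.ip:
        signals.append("cookie_in_use_from_other_ip")
    return signals

# Constructed sample data (documentation IP ranges, made-up fingerprint values)
OWNER = Login("Mozilla/5.0 (Windows NT 10.0) Chrome/73.0", "c4nv4s-9f2e",
              "1920x1080", "sess-abc123", "198.51.100.7", "GB")
# The clone copies every browser detail and the cookie; only the network differs
CLONE = replace(OWNER, ip="203.0.113.50", country="NL")
ACTIVE = {"sess-abc123": "198.51.100.7"}

if __name__ == "__main__":
    print("footprint-only check accepts clone:", footprint_matches(OWNER, CLONE))
    print("signals for clone:", risk_signals(OWNER, CLONE, ACTIVE))
    print("signals for owner:", risk_signals(OWNER, OWNER, ACTIVE))
```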
What can you do?
- Ensure you are running good internet security software to counter the threat of malware. BullGuard Internet Security is as good as they come and, testifying to the strength of its anti-malware protection, has won myriad awards.
- Be careful about downloading browser extensions. We can all fall into believing that if an app or extension is listed in an official store such as the Apple Store, Google Play, the Microsoft Store, Mozilla’s Add-Ons directory and so on, it must be legitimate. This isn’t always the case. Before you download, check the reviews; they are revealing.
- Don’t store passwords and other sensitive information in your browser.
- Use multi-factor authentication for every online account, if the account supports it.