Aside from announcing an updated marketplace website, Genesis Market administrators have also restarted data exfiltration activities. Over 2,000 new compromised devices have also been added to the marketplace.
“The roots of Genesis Market’s operation, namely the administrators, darknet website, and malicious software infrastructure, have survived,” said Netacea Principal Security Researcher Cyril Noel-Tagoe.
Trellix Head of Threat Intelligence John Fokker noted the immediate response of Genesis administrators who remain at large to restore the marketplace.
Despite Genesis Market’s continued presence, the international operation has been noted by Paul Foster of the UK National Crime Agency’s National Cyber Crime Unit to be a significant blow to attackers.
“Although a dark web version of the site remains active, the volume of stolen data and users has been significantly reduced. I have no doubt that the operation damaged criminal trust in Genesis Market,” Foster added.