Genesis Market: Formerly a Popular Dark Web Marketplace Now up for Sale


If one wishes to own a defunct darknet business, they could try reaching out to the backers of Genesis Market, the formerly high-and-mighty seller of stolen data. Today, they appear to be desperate to sell their formerly valued asset for scrap.

According to a report by The Record, several advertisements for the sale of Genesis have recently appeared on underground forums. The FBI deactivated the website early this year as part of an investigation that saw the arrest of numerous site administrators and users. The platform had previously been a popular location for hacking services and stolen data.

The FBI later conducted hundreds of raids in countries all over the world, seizing several websites and effectively crippling the platform’s operation. One might assume that there would not be much left to sell given the extent of the operation.

However, according to The Record, on June 28 a user account that appears to be associated with Genesis' operators started posting about the business's sale. The user asserted that the darknet platform of the marketplace was still functional and that the FBI had only taken control of the open web domains of the marketplace. Reportedly, the sale involves illegal business infrastructures, including “a complete database (except for some details of the client base), source codes, scripts, with a certain agreement, as well as server infrastructure.”

For a potential buyer, however, such an acquisition comes with certain concerns. They include:

  • Buying these sites is certainly illegal, and may get you in trouble. 
  • The likelihood that it is some sort of FBI honeypot operation does not seem implausible. 
  • It is hard to assume that Genesis will make a comeback anytime soon because its reputation among users of the darknet is completely destroyed.

Regardless, the answer to how the darknet is doing lately is quite intriguing. The past few years have apparently been challenging for the virtual underworld, thanks to the active and aggressive operations against it by the Justice Department.

A report from February notes that darknet revenue has lately experienced losses. The FBI's exposure of the Hydra marketplace further dropped the revenue flow exponentially. Prior to its downfall, Hydra was one of the most popular cybercrime hotspots on the web. The state’s operation against it seems to have hugely impacted the dark web economy. The Genesis shutdown is likely to have only contributed further to the disturbance in the web’s murkiest realm.

Darknet Market ‘Versus’ Shutting Down After Critical Exploit Leak

 

The Versus Market, one of the most prominent English-speaking criminal darknet marketplaces, is shutting down after a severe vulnerability was discovered that might have given access to its database and disclosed the IP addresses of its servers. 

Dark web markets must keep their physical assets secret when performing illicit operations online; otherwise, their operators risk being identified and arrested. The same is true for users and vendors who must stay anonymous while utilising these unlawful sites. Anything that undermines their faith in the platform's ability to secure their information makes using it exceedingly dangerous. Apparently, after discovering these flaws, the Versus operators opted to pull the plug themselves, considering it too unsafe to continue. Versus debuted three years ago and quickly gained traction in the hacking world, offering drugs, coin mixing, hacking services, stolen payment cards, and exfiltrated databases.

Versus went offline to undertake a security assessment, as the website claims it has done twice previously, in response to concerns of serious problems or possibly real hacking. Users were concerned that Versus was executing an exit scam, that the FBI had taken over the site, and other common assumptions that follow these sudden moves. However, the platform's operators soon reappeared, announcing the closure of the marketplace.

The following PGP-signed message was uploaded by a Versus staff member who is one of the major operators: "There is no doubt that there has been a lot of concern and uncertainty regarding Versus in the last few days. Most of you that have come to know us have rightfully assumed that our silence has been spent working behind the scenes to evaluate the reality of the proposed vulnerability. After an in-depth assessment, we did identify a vulnerability which allowed read-only access to a 6+-month-old copy of the database as well as a potential IP leak of a single server we used for less than 30 days. We take any and every vulnerability extremely seriously but we do think that it's important to contend with a number of the claims that were made about us."

"Specifically of importance: there was no server pwn and users/vendors have nothing to worry about as long as standard and basic opsec practices have been utilized (for example, PGP encryption). Once we identified the vulnerability, we were posed with a fork in the road, to rebuild and come back stronger (as we had done before) or to gracefully retire. After much consideration, we have decided on the latter. We built Versus from scratch and ran for 3 years."

The letter concludes with a note to platform providers, pledging to post a link allowing them to make transactions without time constraints, permitting the return of escrow amounts. 

Versus was exposed for IP breaches in March 2020, and then in July 2020, a large Bitcoin theft from user wallets occurred. In each case, the platform accepted responsibility for the errors and was extremely open about what occurred. As a result, Versus was able to grow and become a significant marketplace in terms of user numbers and transaction volumes.

However, the operators most likely recognised that the risk of exposure was too considerable to continue. It remains to be seen in the coming weeks or months whether law enforcement personnel have already exploited the current vulnerability.