Alaric Aloor🐕🏎⚽️🥃 /
npub1ty8…75pc
2023-04-05 17:12:58

Alaric Aloor🐕🏎⚽️🥃 on Nostr: #[0]

Trellix has a good synopsis of the supply side of Genesis Market, in which various vendors or users of infostealer malware agree to sell the service a continuous feed of freshly stolen passwords, authentication cookies and fingerprints from compromised systems in their botnets.

See subsection "Malware Linked to Genesis Market" https://www.trellix.com/en-us/about/newsroom/stories/research/genesis-market-no-longer-feeds-the-evil-cookie-monster.html

"Over the years, Genesis Market has worked with a large variety of malware families to infect victims, where their info stealing scripts were used to steal information, which was used to populate the Genesis Market store. It comes as no surprise that the malware families linked to Genesis Market belong to the usual suspects of common info-stealers, like AZORult, Raccoon, Redline and DanaBot. In February 2023, Genesis Market started to actively recruit sellers. We believe with a moderate level of confidence that this was done to keep up with the growing demand of their users."

"Based on our own information and information provided by law enforcement, it appears Genesis Market dropped and executed their own set of JavaScript (JS) scripts on the infected machines that were provided to them. This set of JS scripts were designed to grab all the relevant information from the victim’s machine in a structured way, ensuring the data quality across all the bots they were offering via their marketplace."
Author Public Key
npub1ty85hl2cshfghrf7cz7mp753w3gnvqlfr6ppk3gke3e60lwdnzjs2e75pc