[HN Gopher] FBI Seizes Bot Shop 'Genesis Market' Amid Arrests Ta...
___________________________________________________________________

FBI Seizes Bot Shop 'Genesis Market' Amid Arrests Targeting Operators, Suppliers

Author : todsacerdoti
Score : 95 points
Date : 2023-04-04 21:06 UTC (1 hours ago)

(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)

| jjcm wrote:
| Interestingly, CenturyLink won't even let me visit the site.
| There's a "Continue to Site" button, but it does nothing.
| paulpauper wrote:
| _Genesis Market provided access to a wide list of services with
| user accounts from all over the world. Among them were Gmail,
| Facebook, Netflix, Spotify, WordPress, PayPal, Reddit, Amazon,
| LinkedIn, Cloudflare, Twitter, Zoom, and Ebay._
|
| This is why 'strong passwords' will never be good enough when
| hackers simply control the actual session
| Kenji wrote:
| [dead]
| javajosh wrote:
| So, as a web programmer, I'd like to infer how this data got into
| the marketplace in the first place. The offerings are all powered
| by browser data exfiltration! Which means their vector is another
| process on the host, or it could be a malicious browser
| extension, or a resource 0-day. Or the tokens could be
| exfiltrated from the server-side, too.
|
| Does anyone know how they get this data?
| consumer451 wrote:
| I wonder why Spain and Poland topped the list of bots.
| legitimayzer wrote:
| I feel safer and better about the future already, thanks for the
| good work guys!
|
| this kind of access to hacking should be reserved only for the
| legitimate institutions of civilized society.
| JohnFen wrote:
| In other words, it should be legitimayzed?
| trulynissin wrote:
| Honestly surprised that this site was able to function
| undisputed, entirely on the public internet for this long despite
| its entirely illegal nature.
| Panino wrote:
| It looks like before the seizure, they had Chinese DNS (dnspod)
| and Russian web hosting (CLOUDX-AS, RU).
| bennyg wrote:
| I work, kind of, in this space - and it's been wild to me how
| incredibly easy it is to embed myself into public Discord
| servers that offer fraud/abuse bots. That might speak to the
| sophistication of what I find (vs. groups with better OpSec). I
| agree though, I'm surprised this was operated on the public
| internet with a great domain name.
| nostromo wrote:
| I love these silly FBI "teenage boy badass" images they put up
| after they seize a website:
|
| https://genesis.market/
|
| The FBI agent in a hoodie, eating a cookie while hacking into the
| Matrix is just too good.
| CTDOCodebases wrote:
| It reminds me of the Phineas Fisher quote:
|
| "...Hacker culture was born in the US as a counterculture, but
| that origin only remains in its aesthetics -- the rest has been
| assimilated. At least they can wear a t-shirt, dye their hair
| blue, use their hacker names, and feel like rebels while they
| work for the Man."
| boomboomsubban wrote:
| At first glance, it looks like they have twenty sponsors
| donating for them to host some kind of public hackathon.
| [deleted]
| pph wrote:
| Also a typo in the alt text & wonky css that leads to weird
| stretching when the aspect ratio is not the same as the
| intern's who put up the page.
| PrufferFrish wrote:
| Looks great on mobile, too. https://ibb.co/hBG7sgL
| capableweb wrote:
| Seemingly both their graphic designers and web developers
| (probably call them "webmasters") are stuck in the 90s
| judging by the source.
| cuttysnark wrote:
| The content="text/html; charset=windows-1252" was
| interesting to me since I'm so used to seeing utf-8. Caring
| about charset seemingly makes little sense here, given
| everything is embedded into the image. I wonder if this
| page was created by a generator.
| tenpies wrote:
| I love the random Canadian flag in there, because apparently
| every other country's police forces' crest should be
| recognizable to everyone on the internet, but the Canadian
| ones are just too obscure.
| dragonwriter wrote:
| I suspect the block with the Canadian Flag, RCMP logo, and
| _Surete de Quebec_ logo were placed as a block at the request
| of the cooperating Canadian agencies together as their logo
| for Canada's involvement, and that the Canadian flag is not
| placed there because the FBI is singling Canada out
| differently.
| pakyr wrote:
| The RCMP and Quebec Provincial Police logos are also there to
| the left of the flag, just way smaller than they need to be.
| grenoire wrote:
| Looks almost like they're pretending to have been seized for an
| April Fool's joke.
| asdff wrote:
| All the logos on this make it look like they are sponsoring a
| 5k race.
| doublerabbit wrote:
| I was hoping for there to be a recruitment link in the source
| code. None, only clean HTML.
| capableweb wrote:
| Images can have data "hidden" inside of them, just so you
| know :)
| mike_d wrote:
| There is very obviously a recruitment link there. Look again.
|
| Hint: It is above the image data.
| cuttysnark wrote:
| That's not "hidden" though, it's the alt text that also
| appears verbatim on the image itself.
___________________________________________________________________
(page generated 2023-04-04 23:00 UTC)