[HN Gopher] FBI Seizes Bot Shop 'Genesis Market' Amid Arrests Ta...
___________________________________________________________________
FBI Seizes Bot Shop 'Genesis Market' Amid Arrests Targeting
Operators, Suppliers
Author : todsacerdoti
Score : 95 points
Date : 2023-04-04 21:06 UTC (1 hours ago)
(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)
| jjcm wrote:
| Interestingly, CenturyLink won't even let me visit the site.
| There's a "Continue to Site" button, but it does nothing.
| paulpauper wrote:
| _Genesis Market provided access to a wide list of services with
| user accounts from all over the world. Among them were Gmail,
| Facebook, Netflix, Spotify, WordPress, PayPal, Reddit, Amazon,
| LinkedIn, Cloudflare, Twitter, Zoom, and Ebay._
|
| This is why 'strong passwords' will never be good enough when
| hackers simply control the actual session.
| javajosh wrote:
| So, as a web programmer, I'd like to infer how this data got into
| the marketplace in the first place. The offerings are all powered
| by browser data exfiltration! Which means their vector is another
| process on the host, or it could be a malicious browser
| extension, or a resource 0-day. Or the tokens could be
| exfiltrated from the server-side, too.
|
| Does anyone know how they get this data?
| consumer451 wrote:
| I wonder why Spain and Poland topped the list of bots.
| legitimayzer wrote:
| I feel safer and better about the future already, thanks for the
| good work guys!
|
| this kind of access to hacking should be reserved only for the
| legitimate institutions of civilized society.
| JohnFen wrote:
| In other words, it should be legitimayzed?
| trulynissin wrote:
| Honestly surprised that this site was able to function
| undisputed, entirely on the public internet for this long despite
| its entirely illegal nature.
| Panino wrote:
| It looks like before the seizure, they had Chinese DNS (dnspod)
| and Russian web hosting (CLOUDX-AS, RU).
| bennyg wrote:
| I work, kind of, in this space - and it's been wild to me how
| incredibly easy it is to embed myself into public Discord
| servers that offer fraud/abuse bots. That might speak to the
| sophistication of what I find (vs. groups with better OpSec). I
| agree though, I'm surprised this was operated on the public
| internet with a great domain name.
| nostromo wrote:
| I love these silly FBI "teenage boy badass" images they put up
| after they seize a website:
|
| https://genesis.market/
|
| The FBI agent in a hoodie, eating a cookie while hacking into the
| Matrix is just too good.
| CTDOCodebases wrote:
| It reminds me of the Phineas Fisher quote:
|
| "...Hacker culture was born in the US as a counterculture, but
| that origin only remains in its aesthetics -- the rest has been
| assimilated. At least they can wear a t-shirt, dye their hair
| blue, use their hacker names, and feel like rebels while they
| work for the Man."
| boomboomsubban wrote:
| At first glance, it looks like they have twenty sponsors
| donating for them to host some kind of public hackathon.
| pph wrote:
| Also a typo in the alt text & wonky css that leads to weird
| stretching when the aspect ratio is not the same as the
| intern's who put up the page.
| PrufferFrish wrote:
| Looks great on mobile, too. https://ibb.co/hBG7sgL
| capableweb wrote:
| Seemingly both their graphic designers and web developers
| (probably call them "webmasters") are stuck in the 90s
| judging by the source.
| cuttysnark wrote:
| The content="text/html; charset=windows-1252" was
| interesting to me since I'm so used to seeing utf-8. Caring
| about charset seemingly makes little sense here, given
| everything is embedded into the image. I wonder if this
| page was created by a generator.
| tenpies wrote:
| I love the random Canadian flag in there, because apparently
| every other country's police forces' crest should be
| recognizable to everyone on the internet, but the Canadian
| ones are just too obscure.
| dragonwriter wrote:
| I suspect the block with the Canadian Flag, RCMP logo, and
| _Surete de Quebec_ logo were placed as a block at the request
| of the cooperating Canadian agencies together as their logo
| for Canada's involvement, and that the Canadian flag is not
| placed there because the FBI is singling Canada out
| differently.
| pakyr wrote:
| The RCMP and Quebec Provincial Police logos are also there to
| the left of the flag, just way smaller than they need to be.
| grenoire wrote:
| Looks almost like they're pretending to have been seized for an
| April Fool's joke.
| asdff wrote:
| All the logos on this make it look like they are sponsoring a
| 5k race.
| doublerabbit wrote:
| I was hoping for there to be a recruitment link in the source
| code. None, only clean HTML.
| capableweb wrote:
| Images can have data "hidden" inside of them, just so you
| know :)
| mike_d wrote:
| There is very obviously a recruitment link there. Look again.
|
| Hint: It is above the image data.
| cuttysnark wrote:
| That's not "hidden" though, it's the alt text that also
| appears verbatim on the image itself.
___________________________________________________________________
(page generated 2023-04-04 23:00 UTC)