How our personal data is marketed on black market sites
On one of the world's leading data resale services, Genesis, nearly tens of thousands of people-owned information has been recorded.
How several Genesis platforms a little space specialized in the resale of profiles of Internet users. Of course the activity is illegal because it facilitates online identity theft.
This article will also interest you: The French have their data sold on the black market of the Dark Web
Generally this is a question that Internet users almost never ask. It's about where the data that's stolen during computer hacks goes. What do cyber criminals do with this information? What good could that do them do? yet these are issues that are essential in an effort to master the computer world and its threats.
In most cases, the personal data that is stolen during the various assaults, intrusions or phishing campaigns carried out by cyber criminals, we go where it is easy to monetize them. That is, on the Darkweb, the dark side. According to some estimates by computer security specialists, it is possible to find nearly 15 billion of the personal information available on the Darkweb. About $5 billion if you simply remove the duplicates.
And among its main services is Genesis, which looks like a huge online commerce platform typically specialized in reselling computer data. A platform that can only be accessed with just one click. The service is so professionalized that it offers its customers an after-sales service, sophisticated and responsive to meet the needs of customers as simply and efficiently as possible. An illegal service that was built around the resale of users' personal information.
Let's talk about digital profiles available on sites such as Genesis, including social security numbers, identity cards, passwords or other credentials, not to mention email addresses. In other words in any information that can allow cyber criminals to initiate identity theft actions. And the ability to get on Genesis, and other sites of the same ilk, Bots.
"A bot aggregates all the information that malware has been able to extract from a victim's computer: login credentials, usernames and passwords, but also more sophisticated information, including banking data, social network identifiers. Their average price is around $20 but can go up to $200, depending on the quality and scarcity of information," Emily Yale, data scientist at computer security company Shape Security.
We need to clarify one last one. Information purchased or sold on such platforms is not frozen information. "By purchasing a bot, hackers get the ability to generate a fingerprint that will fit into the web browser used, to fake a connection from the victim's computer. ». As if the service wasn't perfect enough, the bots provided by the platform are continuously updated, as long as the infected terminal is still in operation.
This means that even by changing your password so as to make sure you don't get hacked, it's hardly lost. Because the password can be easily known by cyber criminals, with the financial consequences that often result.
Platform like Genesis can only be accessed by invitation. However making purchases of credentials remain fairly simple as if you are buying something on an online shop. Services that unfortunately continue to grow in popularity.
"A year ago, between 120 and 130,000 bots could be purchased in this market place. At a glance, we can notice that there are now nearly 320,000. And those numbers are changing very quickly. It is very legitimate to think that the number of victims continues to grow," says Emily Yale.
According to figures provided by F5, more than 40,000 French people would have given them identification available on Genesis.
It should be voted that users who often find themselves trapped in this kind of profile marketing system. If the FBI is on the spot, the fact remains that the procedure can be expensive.
Now access an unlimited number of passwords: