Yesterday, on April 9, at the Kaspersky Security Analyst Summit Conference in Singapore, security specialists from Kaspersky Lab uncovered the new face of cybercrime marketplace, where for more than 60,000 users full digital fingerprints are being traded.
Fingerprints Marketplace, started in Fall 2018 known as Genesis, began advertising as a forum where hackers sell and buy stolen card detail.
Clients who in the past have been contaminated with malware or who have introduced maverick program augmentations have accidentally had their record passwords and full program browser details and afterward sent to Genesis administrators.
Genesis keeps a record for each user profile that includes login details, and other credentials related to banking services, social profiles, web passwords, and cookies associated with the fingerprints, browser user-agent details, WebGL signatures and other browser associated and pc details.
Genesis survives by selling this information to cybercriminals, hackers and vulnerable associated people who are involved in online fraud, identity theft, and money mule operations.
User credentials are sold from a price range of between USD 5 to USD 200. Once buy is successful, Genesis provides a Chrome Extension, that has to be installed on the buyer browser. Once it’s installed, a buyer can freely log into the user account, can access social profiles, bank accounts, scan fingerprints, steal or use personal photos, sensitive or proprietary documents. It just creates a Clone of the user’s system.
In other words, we can call it an improved version of cybercriminal toolkit, that is not just dependent on login id or password anymore and has gone beyond the anti-fraud detection system and also known as Genesis Identities or you can call it masks or fingerprint.
Kaspersky said in a statement that Genesis has already entered the arsenal of some cyber-criminal gangs, and they are “actively using such digital doppelgangers to bypass advanced anti-fraud measures.”
Experts commend that users must enable Multi-factor authentication, or double authentications for online transactions and companies should provide the additional layer of security where biometrics technology is being used.