New research by Netacea into digital fingerprint and identity thief
Bot detection and mitigation company Netacea has published new research into the Genesis Market, an invite-only deep web marketplace that trades in digital fingerprints and enables buyers to impersonate victims online.
According to the Netacea report, Buying Bad Bots Wholesale: The Genesis Market, since April 2019 the number of stolen digital identities available on the marketplace has increased from 100,000 to over 350,000, with more than 18,000 being added each month.
Netacea says there are Genesis Market bots undertaking large-scale infection of consumer devices with the aim of stealing digital fingerprints, cookies, saved logins, and autofill form data.
This data is then packaged up and put up for sale, with prices that range from less than $1 to $370 for bots containing larger amounts of embedded data.
The report says that upon purchase of a Genesis bot, the buyer will receive a custom browser into which they load the data. This allows them to represent themselves online as the person whose information has been stolen.
They can then browse the internet using the stolen information, use saved logins to access the victims accounts, or continue a session if login cookies are available. All without access to the original device.
"We're caught in a Catch-22," says Netacea's head of threat research, Matthew Gracey-McMinn.
"With more companies making the digital leap and an increasing amount of data available online, there's been a surge in data breaches as hackers look to cash in on consumers' data.
"As hackers invest more and profit more from attacks, the number of attacks increases. The significant growth of the Genesis Market represents a huge step forward for attackers challenging client-side detection mechanisms and is making that Catch-22 harder to break.
As a result of the findings, Netacea has invested $300,000 into hiring new threat research analysts to expand its research team and is increasing training for new and existing team members. It says part of the investment will also be dedicated to the creation of a standardised bot management framework for businesses to capture all automated bot threats and their life-cycle in a series of comprehensive kill chains.
"As attackers advance, so will cybersecurity defences," says Gracey-McMinn.
"It's an arms race, but automation can and must be used as our secret weapon. Our investment into more research and the creation of a bot management framework will help ensure businesses and their customers remain protected.
He says that key findings of the report are:
- Analysis of the tactics used by Genesis Market bots to mimic genuine users, bypass defences, and access large amounts of private, financial or political information.
- In-depth research into the Genesis Security plugin and Genesium Browser, which allow buyers to browse the internet as the victim.
- Exploration of anti-detect browsers and how the Genesis Market technology tries to ensure anonymity online.