Cybercrime is evolving in astonishing ways and the latest revelation by KasperSky Labs has confirmed that hackers are now selling full digital fingerprints for over 60,000 users via the dark net forums.
In a comprehensive report, presented during the Kaspersky Security Analyst Summit conference, the security researchers further told that the service, known as Genesis, became viral in the fall of 2018. It was advertised as a "secondary/related service" on forums where cyber-criminals already sell the stolen payment card details.
Genesis' has earned a reputation in the dark world of web for selling authentic users' full digital profiles. They extract all the information with the help of risky browser extensions which then records user passwords, login credentials for accounts on online payment portals and e-banking activities. However, the list doesn’t stop here as not the Genesis operators are able to catch the WebGL signatures, HTML5 canvas fingerprints, and more PC details.
Buyers can have access to user’s digital identity by paying up in between the range of $5 to $200. The marketplace is dominated by cyber-criminals who are always ready to bet on such information in order to steal funds, personal photos, sensitive or proprietary documents, or carry out other fraudulent activities on behalf of the user.
If any crook wants to use the bought identity, it can only work with a chrome extension offered by Genesis for free. Developed by their own team, installing the extension will let you import the details and transform your online presence into an identical clone of a real user.
With all the improved anti-fraud systems these days, Genesis’ strategy is something like never seen before. The identities (masks or fingerprints) they are selling makes a fraudster appear as a real account owner, especially to the payment services.
The creators of the identities also claim that they reviewed top 47 analytical systems and 283 major banks and payment systems just to ensure themselves about the detection systems which cloned fingerprints had to bypass.
However, experts also advised that users should now enable multi-factor authentication, especially for online accounts. Moreover, it’s a high time for companies as well to upgrade the user identification mechanisms for extra protection of their users.
Photo: Petrovich9/Getty Images
Read Next: Can you fool the ultrasonic sensor on Samsung Galaxy S10 with a fake finger impression?
In a comprehensive report, presented during the Kaspersky Security Analyst Summit conference, the security researchers further told that the service, known as Genesis, became viral in the fall of 2018. It was advertised as a "secondary/related service" on forums where cyber-criminals already sell the stolen payment card details.
Genesis' has earned a reputation in the dark world of web for selling authentic users' full digital profiles. They extract all the information with the help of risky browser extensions which then records user passwords, login credentials for accounts on online payment portals and e-banking activities. However, the list doesn’t stop here as not the Genesis operators are able to catch the WebGL signatures, HTML5 canvas fingerprints, and more PC details.
Buyers can have access to user’s digital identity by paying up in between the range of $5 to $200. The marketplace is dominated by cyber-criminals who are always ready to bet on such information in order to steal funds, personal photos, sensitive or proprietary documents, or carry out other fraudulent activities on behalf of the user.
- Related: Hacker Returns With Round 4 And Posts 26 Million Users Emails & Passwords For Sale On The Dark Web
If any crook wants to use the bought identity, it can only work with a chrome extension offered by Genesis for free. Developed by their own team, installing the extension will let you import the details and transform your online presence into an identical clone of a real user.
With all the improved anti-fraud systems these days, Genesis’ strategy is something like never seen before. The identities (masks or fingerprints) they are selling makes a fraudster appear as a real account owner, especially to the payment services.
The creators of the identities also claim that they reviewed top 47 analytical systems and 283 major banks and payment systems just to ensure themselves about the detection systems which cloned fingerprints had to bypass.
However, experts also advised that users should now enable multi-factor authentication, especially for online accounts. Moreover, it’s a high time for companies as well to upgrade the user identification mechanisms for extra protection of their users.
Photo: Petrovich9/Getty Images
Read Next: Can you fool the ultrasonic sensor on Samsung Galaxy S10 with a fake finger impression?