U.S. Secretary of the Treasury Janet Yellen delivers opening remarks during an event highlighting “anti-corruption work as a cornerstone of a fair, accountable, and democratic economy” as part of the 2023 Summit for Democracy at the Treasury Department on March 28, 2023 in Washington, DC.
Alex Wong | Getty Images
WASHINGTON — The Treasury Department’s Office of Foreign Assets Control has sanctioned Genesis Market, a “darknet” market, for illicit activities related to the theft and sale of device credentials and other sensitive data.
The international marketplace steals private information from victims’ devices and offers it for sale, Treasury said in a release Wednesday.
The Treasury announcement came a day after the FBI and a consortium of international law enforcement authorities shut down Genesis Market.
Genesis Market was a sophisticated marketplace that was stocked with stolen digital identities, allowing bad actors to impersonate customers at companies such as Amazon, Coinbase or Fidelity. The stolen identities, called “bots,” were lifted from infected computers and could fetch as much as $450 per bot, cybersecurity expert Matthew Gracey-McMinn told CNBC.
The OFAC designation comes as part of a larger push against Genesis specifically. Records show that Genesis domain names were linked to nameservers in Russia and in China, two nations that have been named as loci for state-sponsored hacking.
Treasury believes Genesis to be located in Russia, but said its illicit practices are spread globally. The market capitalizes on malware-infected computer systems to compile stolen private data, such as mobile device identifiers, email addresses, usernames and passwords to sell to cybercriminals, according to Treasury. Genesis also sells unauthorized access to computer systems.
Approximately 460,000 packages of stolen private information were listed for sale on the marketplace as of Feb. 1, according to the Treasury.
“The United States, along with our international partners, will not allow illicit marketplaces to operate with impunity,” Brian E. Nelson, undersecretary of the Treasury for Terrorism and Financial Intelligence, said in a release. “Treasury will continue to work closely with our law enforcement colleagues to disrupt this activity and hold malign cyber actors accountable.”
The action was taken in partnership with the Justice Department and a dozen other countries that are taking law enforcement proceedings against Genesis and seizing website domains tied to the market.
This is a developing story. Please check back for updates.