Dark Web Service Sells Access to Compromised Accounts and Browser Sessions



When we hear about compromised credentials, there’s always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.

I’ve written about infostealer malware before; malware designed to steal in-browser credentials, session cookies, and more in an attempt to capture everything needed to gain access to websites, applications, data, and even money. But once it’s stolen, no one has a clear idea of exactly how a specific credential is misused.

A new article over at Krebs on Security highlights a few dark web markets that offer up credentials, authentication cookies and even custom web browsers with the stolen artifacts built-in making the act of accessing an application or system turnkey without the need for entering in credentials or having to address multi-factor authentication requirements.

One such marketplace is Genesis Market, who (according to Krebs) “gets its inventory of botted computers and stolen logins from resellers who specialize in deploying infostealer malware via email and booby-trapped websites.”

This is scary stuff. Access is the crux of any attack and being able to purchase not just username and password combinations – but post-MFA authentication, means it’s easy for literally anyone to gain access to your network as long as there’s access for it for sale over at Genesis.

The data stolen that provides access is typically acquired by means of phishing attacks bent on compromising an endpoint where infostealers can be installed, or by tricking users into giving up credentials to an impersonated cloud platform logon page.

In either case, teaching users via Security Awareness Training to be mindful of phishing attacks that involve malicious links and/or attachments is the key to keeping your users’ access from showing up on one of these markets.


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/kmsat-security-awareness-training-demo

Subscribe To Our Blog


Ransomware Hostage Rescue Manual




Get the latest about social engineering

Subscribe to CyberheistNews