A Marketplace For Stolen Fingerprints Has Emerged

Security researchers at Kaspersky Lab revealed at the Kaspersky Security Analyst Summit in Singapore that a dark net marketplace in which hackers are selling digital fingerprints has emerged.

According to a report in ZDNet, Kaspersky Lab said at the summit criminals are selling the digital fingerprints of more than 60,000 individuals. Dubbed Genesis, the marketplace emerged in the fall of last year when the creators started advertising it on forums where hackers sell payment card details they’ve stolen.  The report noted users who had been hit with malware or installed a bad browser extension had their account passwords and browser details copied and then sent to the operators of the marketplace.  The profiles include a bevy of information on the consumer, including fingerprints. Operators of the marketplace sell the data to cybercriminals who use it for identity theft, online fraud, and other crimes.  The information sells for anywhere from $5 to $200. The hackers use the information to steal money, personal photos or documents.

Criminals can only use the information by installing a Chrome extension that the operators of Genesis create, noted the report.  With the Chrome extension, which is free, the Genesis-purchased identity is automatically imported. The buyer’s browser then becomes almost an identical clone of the user’s real browser, reported ZDNet. The report noted that it found an online ad in which the backers of Genesis claim to review the 283 major banks and payment systems to figure out what tracking detection systems the stolen fingerprints have to get through.  During the summit, Kaspersky said Genesis is being used by some cybercriminal gangs to get passed anti-fraud measures put in place by banks and payment companies.