It is no surprise that smart home devices have revolutionized how we live, offering a great sense of convenience and making our lives easier by always being connected to the internet. However, this convenience also makes them a target for hackers as they can exploit vulnerabilities in these devices, potentially compromising our privacy and security. Recently, security researcher Sam Sabetan discovered a security flaw in the Nexx smart garage door openers that could allow hackers to remotely control the device and potentially access the garage.
According to Sabetan, this security flaw is a significant concern for homeowners, as it can compromise the security and privacy of their homes by allowing third parties to control the devices remotely, using an email address, device ID, or first name and last initial. Although the true scope of this issue is still unclear, Sabetan believes that it could potentially impact over 40,000 devices and around 20,000 users.
“Within just an hour, I managed to gain control over garages belonging to any Nexx customer. Intrigued, I delved deeper into Nexx’s Smart Plugs and Alarms and found that there’s a widespread systemic security issue within the entire Nexx ecosystem,” says Sabetan.
Nexx’s response to the vulnerability
Sabetan claims that he reached out to Nexx about the security flaw in January, but the company failed to acknowledge any of his attempts to contact them regarding the vulnerability. As a result, Sabetan took to the internet to demonstrate in a proof-of-concept video, showing that he could control his device as well as over 500 others.
If you are a Nexx user, it is crucial to take immediate action to protect your home. Firstly, disconnect the Nexx smart garage door controller and any other Nexx smart home products you have. Secondly, change your passwords and set up two-factor authentication if you haven’t already. Lastly, keep track of which devices are using the internet and limit access to your Wi-Fi network to only trusted devices.
Law enforcement agencies seized the domains for Genesis Market, one of the world’s biggest marketplaces for cyber fraud. Genesis has been connected to millions of financially driven cyber incidents worldwide, from fraud to ransomware attacks.
Genesis served as a one-stop shop for thieves, selling stolen credentials and the tools to weaponize that data.
The login pages of Genesis Market’s websites have been changed to a splash page announcing the takedown, titled Operation Cookie Monster. Both on the regular web and the dark web, the organization maintained websites.
Accessing the Genesis Market domains reveals a banner stating that the FBI has executed a seizure warrant, even though authorities have not released press statements announcing the seizure.
Given that the FBI is searching for anyone who has contact with them, it appears that the marketplace’s administrators have not been recognized. Keeping a low profile for so long suggests that whoever is behind the Genesis Market has a solid understanding of operational security.
“These seizures were possible because of international law enforcement and private sector coordination,” reads the seizure banner.
“We now want criminals to be afraid that we have their credentials, and they should be.”
Genesis Market – A One-Stop Shop for Login Data
Login information, IP addresses, and other information that served as the victims’ “digital fingerprints” were sold by Genesis Market.
The personal data, frequently less than $1, allowed thieves to access bank and shopping accounts.
Reports say Genesis Market offered hackers access to “bots” or “browser fingerprints, ” enabling them to impersonate victims’ online browsers. These fingerprints included IP addresses, session cookies, operating system details, and plugins.
They generated money by renting out the account identities using bots that had stolen accounts together with the fingerprint information that gave the access the appearance of being authorized.
Genesis Market operators made it simpler for clients by offering browser plug-ins that could import the login information and digital fingerprints of a hijacked account, immediately assuming the digital identity of the actual owner. Buyers may pay less than $10 for access to an account for a specified period, depending on the type of account.
Many services with global user accounts were accessible through Genesis Market. Gmail, Facebook, Netflix, Spotify, WordPress, PayPal, Reddit, Amazon, LinkedIn, Cloudflare, Twitter, Zoom, and eBay were a few among them.
Last week, Apple released macOS 13.3 and iPadOS 16.4 alongside iOS 16.4. Unfortunately, many users who updated their devices to the latest iPadOS and macOS are now experiencing issues with Continuity features.
Ever since the release of the new software updates, people who have updated their devices to the latest version have been reporting issues with many Continuity features, such as Handoff, Universal Clipboard, and Auto Unlock and Approve with Apple Watch. The main Continuity feature affected by the updates appears to be Universal Control.
Many have taken to forums and social media to express their frustration with the lack of functionality after updating. While some have suggested possible solutions, such as signing out of iCloud on both devices, disabling and restarting Handoff, and toggling settings related to Universal Control features, these solutions have only worked for some users.
Apple has not yet commented on the bugs but is likely aware of them. The company is rumored to be preparing to release iOS 16.4.1 for the iPhone, and it may also release iPadOS 16.4.1 and macOS 13.3.1 alongside it to fix the Continuity features bug. These minor updates typically focus on bug fixes and security improvements.
Features such as Handoff and Universal Control features are important for many users who rely on seamless integration between their Apple devices. It is expected that Apple will patch these bugs very soon.
Finally, the Google Pixel 7 Pro is now available, and while it’s mostly the same as the Pixel 6 Pro, it is a bit more refined now. Making a really good $899 smartphone. Especially considering the competitors are priced at $999 or higher. But with that new Pixel 7 Pro, you’re also going to want to grab yourself a few accessories to take full advantage of your new phone. So here we are with the best Google Pixel 7 Pro Accessories.
Best Google Pixel 7 Pro Accessories
As always, this list has a variety of different accessories that you might want to get for your Pixel 7 Pro. From wireless chargers, to smartwatches, to chargers, and even some battery packs. So let’s get started.
The new Anker 735 charger is a really impressive charger to pick up, since it has two USB-C PD ports and a USB-A port available for charging.
Both of the USB-C ports can do up to 65W, while the USB-A port can do 22.5W. However, if you are using multiple ports, the first USB-C port will do up to 40W and the second will do up to 12W. This is a great charger to use if you are traveling or need to charge multiple things.
The Google Pixel Watch is the company’s first smartwatch, and while it works with all Android devices, it will work even better with the Pixel 7 Pro. It does come in WiFi and LTE variants, with the LTE variant costing $50 more. It uses eSIM and can be added to any carrier.
The Pixel Watch is running on Wear OS 3.5, with Fitbit integration. Remember that Google owns Fitbit, so that should come as no surprise. It’s a fairly small watch, coming in at 41mm. And you can check out our full review here.
The PopGrip from PopSockets is a really good accessory for really any phone. And the reason why this is the best PopSocket you can buy right now is because it does allow you to swap out the top. So if you want to change the color, you can do so.
PopGrip is really great because it allows you to hold onto your phone much easier, especially for larger phones, but even works great on smaller ones like the OnePlus 10 Pro. But it also doubles as a sort of kickstand for your smartphone. Allowing you to use it on long flights to watch a movie or two, without having to hold your phone the whole time. It’s a really genius invention, and it’s something that everyone should have.
You can attach the PopGrip to your case, so that it doesn’t ruin your phone too.
The Google Pixel Stand 2 is an expensive wireless charger, a lot like other first-party accessories. But where it has a leg up over the competition is in the charging speed. The Pixel Stand 2 is the only one that can charge your Pixel at the full 23W.
It also has a few other tricks up its sleeve. Since it does sit at an angle, it’s great for having a Google Meet or Zoom meeting while it’s charging. It can also give you quick access to media controls and smart home controls right there on the screen, while it is charging. Nothing major, but definitely useful.
RAVPower Portable Charger 20000mAh PD 3.0 Power Bank
The RAVPower Portable Charger 20000mAh PD 3.0 Power Bank is a really great option for a battery pack for the OnePlus 10 Pro. It offers fast charging, though you likely won’t need that for the OnePlus 10 Pro, since it does offer some really good battery life.
It also uses two USB-A ports with fast charging, so you can charge other devices at the same time. RAVPower also includes two more USB-C ports for input, which is really nice, when you need to charge this battery up pretty quickly.
It’s always a good idea to get another USB-C cable or two, to have around your home. While you probably don’t need one at your office right now, since the majority of us are not actually going to work. It is good to have one in the car and other places around your home.
This is a USB-C to USB-C cable that is capable of USB-C PD speeds, so it can charge your phone pretty quickly too. That’s important in this day and age of fast charging.
The Pixel Buds Pro are the best pair of earbuds to go along with your new Google Pixel 6a. These are also $199, so they are pretty pricey, but worth the price.
Pixel Buds Pro sport about 11 hours of continuous battery life, which is quite impressive, to say the least. Additionally, you can get about 31 hours of usage with the included charging case. Google has also added active noise cancellation and transparency mode here.
The Fitbit Versa 3 is a great fitness tracker to go along with other accessories for your OnePlus 10 Pro. Especially if you’re looking to get in shape this year.
The Versa 3 is the latest in the Versa line for Fitbit. It offers up all of the fitness tracking that you’d expect from Fitbit. Including the ability to track your steps, your workouts, calories burned and much more. It can also deliver some notifications to your wrist.
The Anker PowerPort Atom PD 1 is the perfect USB-C PD charger to use with the Pixel 5. While it does still come with one in the box, it never hurts to have a spare somewhere in your home or at work.
This is a 30W charger – and yes, the OnePlus 10 Pro tops out at 25W (while the S22+ and S22 Ultra do 45W) but this will work on other devices too. It also uses Gallium Nitride or GaN, which makes this charger a lot smaller than you’re probably used too. Which is why we think it is the best option. Since you can easily toss this into your bag when you’re traveling – if we are ever able to do that again.
This is one of the most interesting looking car mounts out there, and it really doesn’t even look like a car mount.
The Spigen Kuel S40 stealth Car Mount is a minimalist car mount for those that don’t want to use magnets. This is a car mount that folds down when it is not in use. Just open it up and stick your phone in the mount, in landscape mode and you are good to go. It’s a good option, because it is fairly small when it is not in use, so that it is not blocking your view of the road all that much.
Spigen offers the Kuel S40 Stealth car mount in only one color. Which is black and blue, so it can blend in with your car a bit more.
The Google Pixel 7 Pro is only able to charge at up to 23W, so the Google USB-C charger is also a great option to pick up. It will charge other things as well. Though, we’d still recommend one of the other chargers on this list, since you will be able to charge more stuff, and at faster speeds (for other devices).
It’s no secret that ever since its launch, ChatGPT has ushered in a new era of artificial intelligence, with many companies now ramping up their efforts to develop something similar. However, as this technology advances, concerns about its safety and potential risks are also growing. In particular, US President Joe Biden has emphasized the need for caution and urged companies to prioritize safety before releasing their AI products to the public.
In a recent meeting with his council of advisors on science and technology, including executives from Google and Microsoft, Biden discussed the potential risks and opportunities that rapid AI advancement poses to the country.
Further stating that while AI has the potential to help solve some of the world’s most difficult challenges, such as climate change, it also presents significant risks to society, the economy, and national security.
“Tech companies have a responsibility, in my view, to make sure their products are safe before making them public,” says President Biden.
Concerns about misinformation
President Biden is particularly concerned that the rise of AI chatbots like ChatGPT and image and video generator AIs like Synthesia can cause an influx of misinformation in the public, as AI-generated content is already indistinguishable from human-created content.
He has called for tech companies to prioritize safety and ensure that their AI products do not harm individuals or society, given the ease with which AI tools can be used to create misleading or false content.
However, it’s worth noting that the US government has no plans to ban AI, unlike what happened in Italy. Instead, the Biden administration aims to develop guidelines and regulations, like the Blueprint for an AI Bill of Rights, that promote responsible AI practices while safeguarding individual rights and freedoms. By working collaboratively with tech companies, policymakers can create a safer and more transparent AI landscape that benefits everyone.
The discovery came after Z2U exposed a cloud database containing 600,000 customers’ records.
Recently, vpnMentor’s cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database that contained over 600,000 customer records. The database was owned by Z2U, a China-based platform.
The data was analysed by Fowler who noticed images of individuals holding their credit cards, passports, or other government-issued identification documents. It indicates a typical case of a company exposing the KYC data of its customers.
In addition to personal information, it contained records of bank transaction payments, user logins, emails and passwords, software license keys, customer support history, and refunds requested due to frozen accounts.
Z2U claims to be a platform that creates a reliable trade environment between gamers. However, the documents seen by Fowler indicate that the company sells everything from aged Facebook and Instagram accounts to access to HBO, Netflix, and Disney+. Even more concerning is that Fowler confirmed seeing documents that reveal Z2U allegedly offers viruses, malware, and other malicious applications through its platform.
A leaked image shows a virus being sold to hack WhatsApp (Image credit: vpnMentor)
While Z2U claims not to sell stolen, hacked, or cracked accounts, it is unclear how the verification process is performed other than buyers requesting refunds when the account is no longer working or suspended.
According to vpnMentor’s report, the database contained records from users worldwide, and access was closed a week after Fowler sent the notice translated into Chinese.
The risks of the data being publicly exposed are significant. The images of individuals holding their identity documents and credit cards with their faces clearly visible were required by Z2U’s verification process and should have never been publicly exposed. This information puts users at significant risk of identity theft and fraudulent charges.
In addition to personally identifiable information and payment information, the images show that a wide range of other accounts or access to paid services were sold on Z2U’s platform, bypassing the validation processes put in place to prevent malicious or fraudulent activity on other social media platforms.
Many refund requests were marked “Seller Refused to Provide Refund.” Buyers who purchase accounts from secondary or potentially illicit marketplaces run the risk of not having their money returned or actually getting access to the account or goods they thought they were purchasing.
Fowler suspects that the records were attachments to and from customer support. He also saw video files where users filmed their screens to show login issues or payment problems. Z2U claims to have over one million positive reviews and even offers an affiliate program, but many mixed reviews exist, both positive and negative, on independent review websites and Reddit.
The database was hosted on a server based in China, and many of the documents and file names were in Chinese. Many of the account login email addresses for sale used Russian email accounts with the.ru domain extension. It is well-known that Russian cybercriminals are actively engaged in identity theft, online scams, and other malicious activities.
In conclusion, the discovery of the Z2U database raises many ethical and security concerns. While the company claims not to sell stolen, hacked, or cracked accounts, the verification process remains unclear, and the refund requests for frozen accounts suggest otherwise. The images of individuals holding their identification documents and credit cards expose them to significant risks of identity theft and fraudulent charges.
In a move that one Italian minister has called “disproportionate”, Italy has temporarily banned ChatGPT due to data privacy concerns.
Italy has made the decision to temporarily ban ChatGPT within the country due to concerns that it violates the General Data Protection Regulation (GDPR). GDPR is a law concerning data and data privacy which imposes security and privacy obligations on those operating within the European Union (EU) and the European Economic Area (EEA).
The Italian data protection agency, Garante per la Protezione dei Dati Personali (also known as Garante) said there was an “absence of any legal basis that justifies the massive collection and storage of personal data” to “train” ChatGPT, in addition to accusing OpenAI of failing to verify the age of users of ChatGPT.
Italy’s ban has led to privacy regulators in Ireland and France contacting the country’s data privacy agency to find out more regarding the decision to ban ChatGPT.
A spokesperson for Ireland’s Data Protection Commissioner told Reuters: “We are following up with the Italian regulator. We will coordinate with all EU data protection authorities in relation to this matter.”
Not all those are in favor of the ban, however, with Italy’s transport minister and leader of the League party, Matteo Salvini, stating in an Instagram post that the ban is “hypocritical” and “disproportionate”.
Salvini added: “Every technological revolution brings great changes, risks and opportunities. It is right to control and regulate through an international cooperation between regulators and legislators, but it cannot be blocked.”
OpenAI has disabled ChatGPT in Italy as per the agency’s request, but noted that it actively works to prevent the use of private data in the training of its machine learning models. The company also said that it would be working with Granate to “educat[e] them on how [its] systems are built and used”.
Everyone needs a password manager. Yes, even you. And there are quite a few good options out there, but we’ve rounded up the very best password managers that are on the market.
The first one that likely comes to mind is LastPass. They’ve been around for a very long time, and has been a very popular name in the space. But they are actually why we decided to make this list. There’s been a decent amount of bad news coming out about LastPass in the past year, from essentially forcing everyone to pay for LastPass, to it using over seven different trackers. Which could lead to data leakage. Not something you want to hear about your password manager.
So here are some alternatives for LastPass, and to keep your passwords safe and sound.
Why do I need a Password Manager?
Password managers make your life so much easier. Instead of having to remember hundreds of passwords – in fact, I have over 500 in my password manager right now – you only need to remember one password. This also means that you can use more complex passwords than just “1234567890” or your birthday, or something else that is going to be super easy to guess.
These password managers all work on every platform too. From iOS, to Android, to Windows, MacOS, Linux and even most browsers. Making it easier to login to your accounts on your smartphone, desktop or even your tablet.
Additionally, there is usually a feature that allows you to store your credit cards in your password manager, meaning that not just anyone can use your credit card number to buy stuff – like your kids. And finally, most have a notes feature, to store notes behind a pretty secure password. Which can be useful for more sensitive content.
Best Password Managers
Switching password managers can be pretty tough, and annoying, but luckily most of them have a way to export your passwords, so you can easily add them all to the new manager, and be on your way.
This list has the best password managers that are currently available. Now this may change over time, as new ones get better and old ones fizzle out. But let’s check out the best password managers that are currently available.
NordPass
Price: Free, paid accounts are $2.50 and up
Free trial: No, but there is a free account available
NordPass is one of the newer password managers out there, and it comes from the same folks that made NordVPN. One of the best VPN’s on the market.
With NordPass, you’re getting a pretty nice looking design in the app, which is also pretty modern. You also get the ability to save unlimited passwords – even on the free account. You can also use it on up to six devices at the same time (one for the free account).
NordPass can automatically sign into different sites for you, making the sign in process painless. There’s also a feature to scan for password breaches, with the premium version. It makes sharing passwords super simple, and you also have the ability to use two-factor authentication.
1Password is a good choice for the tech geeks out there. This is a very secure password manager, that includes using a “secret key” to get into your vault. I actually found this quite annoying when trying to login to things quickly. But the encryption level here is top-notch, and that’s important for keeping your passwords protected.
Like with most of the best password managers, 1Password also has a password generator. So you can generate a super secure password for every account you save.
With Watchtower from 1Password, you can also see which passwords have been compromised, which are vulnerable and which are weak and need to be changed. So you won’t need to worry about your accounts being hacked.
Dashlane is another household name when it comes to password managers. It’s been around for quite some time, and does offer a free account, as well as paid accounts. And the free account is actually usable.
Not only can you easily save your passwords on Dashlane, but you can also easily change them. Additionally, you also have the ability to share them with anyone. Like your Netflix password, you can easily and securely share it with someone else.
Dashlane also can save your notes, credit card numbers and much more.
Bitwarden isn’t a big name or owned by a big company like some other names on this list, so they are able to offer their service for much cheaper. There is a free plan, along with a premium account for $10/year and a family plan for $40/year. Which is insanely cheap.
With Bitwarden, you can save unlimited passwords on all accounts – even the free one. It also makes it easy to login to your accounts. On the family account, you can add six accounts, making it easier to share passwords between family members.
If you have a premium or family account, you can also securely store some notes and credit card numbers. You get 1GB of secure storage for non-password data.
Keeper offers a few different plans for its password manager, with more and more features. But you can get it for as low as $2.91 per month. Much like other password managers on this best of list, it can autofill your passwords, as well as auto-generate new passwords for new accounts for you as well.
By upgrading your account, you can get dark web monitoring too. To make sure that your passwords have not been compromised or are vulnerable.
It can save unlimited passwords, and be used on unlimited devices as well. Allowing you to use it on your smartphone, tablet and/or desktop.
Password Boss includes all of the usual features from the best password managers on this list. That includes being able to autofill your passwords, as well as generating new passwords. There’s a secure browser available, which is nice for logging into things like your bank account and such.
For security, it has 256-bit AES encryption, as well as two-factor authentication.
For one of the cheaper password managers on this list, Password Boss is pretty feature rich and secure.
LastPass is a really great password manager, but you’d better splurge for a premium account. As the free account will only allow you to use it on one specific device type. That means either on mobile only or on desktop only.
Otherwise, it has a bunch of other great features available, like generating new passwords for you, alerting you to compromised passwords, and there’s also a security challenge, to keep your passwords nice and strong.
One thing that LastPass does that a lot of other best password managers don’t do, is save WiFi passwords. This is useful for those that do a lot of traveling.
Apple has announced that its WorldWide Developer Conference will take place from June 5 through June 9, at Apple Park in Cupertino, California. Once again, this event is going to be open to the press and a small group of developers for the keynote on June 5. While all the sessions will be available online, as it has been since 2020.
In this article, we’re going to go over everything you need to know about WWDC. Like what is it? What’s going to be announced? and so much more.
What is WWDC?
WWDC stands for WorldWide Developer Conference, which is Apple’s annual developers conference that it has held since 1987. It has been held in various venues across the Bay Area since its inception in 1987. Starting out at the Santa Clara Convention Center, then moving to the San Jose Convention Center, then the Moscone West convention center in San Francisco. It went back to the San Jose Convention Center in 2017 up until the pandemic in 2020 shut it all down.
Now, WWDC is held at Apple Park. And it’s really just the keynote that kicks off the conference, with all the sessions being available online.
Typically, at WWDC, Apple will announce the next versions of each software platform that it has. And sometimes we will see some new hardware. It is quite common to see new hardware, but it doesn’t happen every single year. So do keep that in mind here.
Remember that WWDC is a developers conference, so they do announce quite a few things specifically for developers. This is where Apple is able to court developers to get them to develop for their platform. And also provide new tools to make that job easier. As well as making money from it.
When is WWDC 2023?
As it has been for the past many years, WWDC is taking place the first week of June. That’ll be June 5-9, 2023.
It’ll take place at Apple Park, similar to 2022. It’s really just the keynote that will be at Apple Park. As the sessions will all be virtual. And the good thing here is that developers don’t have to scramble to get tickets and pay $1,599 to attend. Instead, it’s free to everyone.
What announcements are expected at WWDC 2023?
There are some things that we know for sure will be announced at WWDC 2023, like iOS 17 and iPad OS 17. But there’s also a few surprises that many are expecting to see. So that’s what we’ll go over here.
iOS 17 & iPad OS 17
Every year, Apple announces the next version of its mobile operating system at WWDC. The developer beta becomes available later that day, with the public beta launching the following month.
There’s been many rumors that this year, iOS 17 and iPad OS 17 will not be huge upgrades compared to previous years. Instead, this is going to be more of a bug squashing update. While that might sound boring, it is sorely needed. And Apple has done this before. Launching a new version of iOS with very few features, in the hopes of squashing some longtime bugs.
Though part of the reason for that is the fact that Apple has reportedly moved a lot of resources over to xOS or RealityOS, which is their new operating system for the AR/VR headset, which we also expect to be shown off at WWDC this year.
watchOS 10
There’s been less rumors about watchOS 10, which is actually quite common for Apple. But according to Bloomberg’s Mark Gurman, watchOS 10 will be a “fairly extensive upgrade”. Gurman says that we should expect notable changes to the user interface. Which would be the first time we’ve seen substantial upgrades to the UI since the first Apple Watch, nearly 10 years ago.
However, the Apple Watch Series 9 won’t be major. Which is fine, there’s not much more Apple can do with the watch hardware, besides give us better battery life.
macOS 14
Then there’s macOS 14. There’s even fewer rumors about this than some of the other products here. We don’t even know what the name will be for this one. During the Mac OS X stages, they were named after different cats like Tiger, Snow Leopard, Puma, and others. In 2013, Apple started naming versions based on California locations. Like Mavericks, Big Sur, Yosemite and El Capitan. With the current version being Ventura.
Names being rumored for macOS 14 include Mammoth, Sequoia, Sonoma and Redwood.
There’s not many rumors about features here, so we could see another iOS 17-esque update for the mac. Where it is mostly a bug fixing update, which we wouldn’t be mad at either.
AR/VR Headset & xOS
Apple has been rumored to be launching an AR/VR Headset for many years, and they have been working on it for quite some time. In fact, Apple’s CEO, Tim Cook was talking about it way back in 2016. And rumors are pointing to it being announced at WWDC. While the launch is going to be pushed back until later in the year. So it’s possible that Apple shows it off at WWDC to developers and then actually starts selling it in the fall.
The headset is not going to be cheap, we’ve seen rumors of it costing $3,000 and even $4,000. That’s quite pricey, but AR and VR combined into one headset is not cheap to do, and there’s not many competitors out there either.
Rumors point to this headset having over a dozen cameras around it that can read facial expressions, detect body movements and even map the surrounding area. It’ll use Iris Scanning for authentication as well. Apple is going to be using 4K micro-OLED displays inside, which are not cheap and are actually pretty rate. But for VR, you need ultra high-resolution screens, since they are so close to your eyes.
Mac Pro
Still a bit niche, but likely will get a bigger reaction than the headset, is the Mac Pro. When Apple announced the Mac Studio in 2022, it teased that it had one more Mac to move to Apple Silicon, the Mac Pro. But it has yet to talk about it at all. In fact, there’s been very few credible rumors about the Mac Pro, which is very surprising.
What is expected here is an updated design of the Mac Pro, with Apple Silicon inside. The design likely won’t change much. Now what chipset that is, is another story. It could be the M2 Ultra, but we haven’t even gotten the M2 Max just yet. Which has a lot of scratching our heads. But we are hoping this is announced at WWDC.
The FBI and European authorities have seized Genesis Market’s clearnet domains as part of the ongoing Operation Cookie Monster.
Genesis is one of the largest marketplaces on the dark web while its presence on clearnet is also quite significant. In the latest, clearnet domains belong to Genesis marketplace have been seized by the FBI under the ongoing Operation Cookie Monster.
When accessed, the marketplace’s domain displays a banner stating that the website is inaccessible because the FBI has executed a seizure warrant.
Although the marketplace administrator(s) have not been identified or caught yet, it is evident that authorities have only seized clearnet domains while its main dark web domain remains online, which suggests that they have not been able to take down the entire Genesis infrastructure.
Regardless, it is still too early to make any assumptions or predictions about what might happen next.
The Dark Web domain of the Genesis market is still online and shows no seizure notice.
How Did the Seizure Happen?
According to the FBI, the seizing was carried out with the collaboration of multiple organizations from the private and public sectors, and international law enforcement agencies.
The seizure notice displayed on the domain also had a message for the site visitors, which read:
“Been active on Genesis Market? In contact with Genesis Market administrators? Email us, we’re interested,” followed by an official email address.
The bureau noted that around two dozen partners were on board for this operation. The seizure was followed by a worldwide applicable search and arrest operation. A federal court in the Eastern District of Wisconsin had issued the seizure warrant.
It is currently unclear who was operating this marketplace as they have maintained a low profile over the years, indicating they have sufficient operational security know-how.
That’s what the Genesis market’s homepage shows right now
By 2020, Genesis had become the world’s most popular marketplace for buying stolen credentials, cookies, and device fingerprints. Considered the largest platform in the world for illicit activities, Genesis Market offered stolen credentials for corporate and consumer accounts.
This market provided access to an extensive range of services with accounts from Gmail, Netflix, Facebook, PayPal, WordPress, Amazon, Zoom, eBay, Cloudflare, Reddit, Spotify, Twitter, and LinkedIn. Therefore, it is understandable that seizing such a thriving platform will be a huge blow to its users.
The seizure of Genesis marketplace should not come as a surprise. This development came just a month after the FBI arrested PomPomPurin (aka Pompompurin, aka Pom), the owner and admin of popular hacker and cybercrime forum Breach Forums, a hacker forum that surfaced as an alternative to the popular and now-seized Raidforums.
How did Genesis Market operate?
The market operators used information stealers to collect login credentials with fingerprint data, such as time zones, IP addresses, cookies, device information, etc.
The operators earned profits from renting the account identities via bots, including stolen accounts, and browser plug-ins that imported the login and fingerprint data of the compromised account to let attackers assume the real owner’s digital identity. As per the account type, buyers paid up to $10 to get access to an account for a specific period.
