In a coordinated global effort, law enforcement agencies have shut down one of the largest criminal marketplaces, Genesis Market, used by online fraudsters to purchase victims' login details, IP addresses, and other personal data. Law enforcement agencies from 17 countries, including the UK, US, and Australia, participated in the raids that led to 120 arrests and the seizure of the Genesis website. The marketplace, operating since 2017, had 80 million sets of credentials and digital fingerprints for sale, enabling fraudsters to access bank, email, and shopping accounts without triggering security alerts.
Major International Operation
The UK's National Crime Agency (NCA) arrested 24 individuals suspected of using the site, including two men in Grimsby, Lincolnshire, who were detained on suspicion of fraud and computer misuse. The operation, dubbed "Operation Cookie Monster," was led by the FBI and the Dutch National Police, who collaborated with agencies from Europe and Australia. Robert Jones, director general of the National Economic Crime Centre at the NCA, emphasised the need for criminals to fear that their own credentials were compromised.
How Genesis Market Worked
Genesis Market, notable for its user-friendly, English-language interface, operated on both the open and dark web, providing customers with a purpose-built browser to mimic victims' computers. The marketplace sold login information for various accounts, including Facebook, PayPal, Netflix, and Amazon, and even notified criminals if the purchased passwords changed. Victims' data, which could be used for fraud or ransomware attacks, typically sold for less than £1 or up to hundreds of Pounds. The data that led to the 2021 hack of gaming giant Electronic Arts (EA) was sold for just $10 on the website.
Impact and Safety Advice
The NCA estimates that there were about two million victims worldwide, with tens of thousands in the UK. Businesses (and members of the public) are advised to keep their device software up-to-date, use multi-factor authentication where possible, and ensure they use strong passwords which include random words, numbers and special characters and do not use the same passwords for multiple accounts. We also suggest the use of a password manager which is also protected by multi-factor authentication or is linked into a business's existing single-sign-on solution.
Comments