Law Enforcement Agencies Shut Down Genesis Market

One of the largest criminal marketplaces which is used by on-line fraudsters has been closed down by law enforcement. An international operation has taken down an important hacker forum and the US Federal Bureau of Investigation (FBI) has seized Genesis Market, a notorious hacker marketplace used to acquire compromised credentials and digital browser fingerprints.

This FBI action was the result of “Operation Cookie Monster” a reference to the stolen website cookies sold on Genesis Market in huge volumes over the past five years, along with other data needed for logging in to third-party machines. 

In addition to the FBI, the takedown involved law enforcement agencies from the United Kingdom, Europe, Australia, Canada, Germany, Poland and Sweden.

A number of different domain names are tied to Genesis Market, a very active cyber crime store that sold access to passwords and other data stolen from millions of computers infected with malicious software. Genesis Market sold login details, IP addresses and other data some of which often only cost less than a US dollar.

Genesis Market has been working since March 2018 using the marketing slogan “Our store sells bots with logs, cookies, and their real fingerprints,” and it was notable for its user-friendly interface. 

Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials. Genesis criminals were mainly using it for fraud as the hackers could use the data for sale there to deliver ransomware attacks, where hackers use the data to block a legitimate business’s website and data access and demand payment for its release.

Genesis Market had at least 80m sets of victims entre details for sale and it operated on the Open Web as well as the Dark Web.

This law enforcement operation also saw 120 people arrested and 200 searches carried out globally, according to the British National Crime Agency (NCA). NCA officers have arrested 19 suspected users of the site in the UK,  who are being held on suspicion of fraud and computer misuse. And while these arrests take some alleged cyber criminals offline, the acute demand for stolen personal data means that other hackers will take their place.

These arrests won't stop criminal websites from selling bootleg logins and many of Genesis Market's customers will probably just move on to smaller marketplaces. This in, nevertheless, a significant action that could make it harder for attackers to simply buy the login data they need.

Krebs On Security:    BBC:     Endgadget:    Techcrunch:   CNN:      Infosecurity Magazine:

The FBI’s Advice On Ransomware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Phishing Kits: The New Frontier For Hackers
If It’s Convenient Be Suspicious – The Human Aspect »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

National Association of Software and Services Companies (NASSCOM) - India

National Association of Software and Services Companies (NASSCOM) - India

NASSCOM is a trade association of Indian Information Technology and Business Process Outsourcing industry. Areas of activity include cyber security.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

Inky Technology Corp

Inky Technology Corp

Inky® Phish Fence is an email protection gateway that uses sophisticated AI, machine learning and computer vision algorithms to block deep sea phishing attacks that get through every other system.

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

Forum of Incident Response & Security Teams (FIRST)

Forum of Incident Response & Security Teams (FIRST)

FIRST is the global Forum of Incident Response and Security Teams.

Snode Technologies

Snode Technologies

Snode's Guardian cybersecurity platform uses AI and machine learning to monitor, detect and proactively respond to all threats on every device within your network.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

UK Cyber Security Association (UKCSA)

UK Cyber Security Association (UKCSA)

The UK Cyber Security Association (UKCSA) is a membership organisation for individuals and organisations who actively work in the cyber security industry.

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

American Binary

American Binary

American Binary is a Quantum Safe Networking (TM) and post-quantum encryption company.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.

ColCERT

ColCERT

ColCERT is the national cybersecurity emergency response team of Colombia.

RySec

RySec

RySec specialize in affordable cybersecurity solutions designed to protect your business from today’s ever-evolving threats.