Law Enforcement Agencies Shut Down Genesis Market

One of the largest criminal marketplaces which is used by on-line fraudsters has been closed down by law enforcement. An international operation has taken down an important hacker forum and the US Federal Bureau of Investigation (FBI) has seized Genesis Market, a notorious hacker marketplace used to acquire compromised credentials and digital browser fingerprints.

This FBI action was the result of “Operation Cookie Monster” a reference to the stolen website cookies sold on Genesis Market in huge volumes over the past five years, along with other data needed for logging in to third-party machines. 

In addition to the FBI, the takedown involved law enforcement agencies from the United Kingdom, Europe, Australia, Canada, Germany, Poland and Sweden.

A number of different domain names are tied to Genesis Market, a very active cyber crime store that sold access to passwords and other data stolen from millions of computers infected with malicious software. Genesis Market sold login details, IP addresses and other data some of which often only cost less than a US dollar.

Genesis Market has been working since March 2018 using the marketing slogan “Our store sells bots with logs, cookies, and their real fingerprints,” and it was notable for its user-friendly interface. 

Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials. Genesis criminals were mainly using it for fraud as the hackers could use the data for sale there to deliver ransomware attacks, where hackers use the data to block a legitimate business’s website and data access and demand payment for its release.

Genesis Market had at least 80m sets of victims entre details for sale and it operated on the Open Web as well as the Dark Web.

This law enforcement operation also saw 120 people arrested and 200 searches carried out globally, according to the British National Crime Agency (NCA). NCA officers have arrested 19 suspected users of the site in the UK,  who are being held on suspicion of fraud and computer misuse. And while these arrests take some alleged cyber criminals offline, the acute demand for stolen personal data means that other hackers will take their place.

These arrests won't stop criminal websites from selling bootleg logins and many of Genesis Market's customers will probably just move on to smaller marketplaces. This in, nevertheless, a significant action that could make it harder for attackers to simply buy the login data they need.

Krebs On Security:    BBC:     Endgadget:    Techcrunch:   CNN:      Infosecurity Magazine:

The FBI’s Advice On Ransomware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Phishing Kits: The New Frontier For Hackers
If It’s Convenient Be Suspicious – The Human Aspect »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

Beyond Security

Beyond Security

Beyond Security is a leader in automated vulnerability assessment and compliance solutions - enabling customers to accurately assess and manage security weaknesses in their networks and applications.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

Upstream Security

Upstream Security

Upstream Security is the first cloud-based cyber-security solution that protects the technologies and applications of connected and autonomous vehicles.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Montreal International

Montreal International

You’re an entrepreneur planning to launch a company in an innovative sector such as AI, cybersecurity, 'deeptech' or fintech? You’ve found the right place!

Brighterion

Brighterion

Brighterion solutions stop payment and acquirer fraud, reduce credit risk and delinquency, fight financial crime, prevent healthcare fraud, waste and abuse, and more.

Gijima

Gijima

Gijima is one of SA’s leading ICT companies in Cloud & Outsourcing, Systems integration, Human Capital Management & Training, Cybersecurity, and Unified Communications.

SecureLayer7

SecureLayer7

SecureLayer7 is an international provider of integrated business information security solutions with an innovative approach to IT security.

Secure Diversity

Secure Diversity

Secure Diversity is an innovative non-profit organization with leaders that think out of the box to create strategies & solutions to increase diversity in the cybersecurity industry.

MyKRIS Asia

MyKRIS Asia

MyKRIS specialise in providing and managing Internet network services and cyber security services to enterprises.

Olympix

Olympix

Dev-first Web3 security that starts at the source. Olympix is a pioneering DevSecOps tool that puts security in the hands of the developer by proactively securing code from day one.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.

Digital Security Authority (DSA)

Digital Security Authority (DSA)

The establishment of the Digital Security Authority, which incorporates the National CSIRT, is crucial to significantly raising the cybersecurity posture and capabilities of Cyprus.