Authorities Seized Most Popular Marketplace for Stolen Credentials

Law enforcement agencies seized the domains for Genesis Market, one of the world’s biggest marketplaces for cyber fraud. Genesis has been connected to millions of financially driven cyber incidents worldwide, from fraud to ransomware attacks.

Genesis served as a one-stop shop for thieves, selling stolen credentials and the tools to weaponize that data.

The login pages of Genesis Market’s websites have been changed to a splash page announcing the takedown, titled Operation Cookie Monster. Both on the regular web and the dark web, the organization maintained websites.

Genesis Market domains seized by the FBI

Accessing the Genesis Market domains reveals a banner stating that the FBI has executed a seizure warrant, even though authorities have not released press statements announcing the seizure.

Given that the FBI is searching for anyone who has contact with them, it appears that the marketplace’s administrators have not been recognized. Keeping a low profile for so long suggests that whoever is behind the Genesis Market has a solid understanding of operational security.

“These seizures were possible because of international law enforcement and private sector coordination,” reads the seizure banner.

“For too long criminals have stolen credentials from innocent members of the public,” Robert Jones, director general of the National Economic Crime Centre at the NCA, said.

“We now want criminals to be afraid that we have their credentials, and they should be.”

Genesis Market – A One-Stop Shop for Login Data

Login information, IP addresses, and other information that served as the victims’ “digital fingerprints” were sold by Genesis Market.

The personal data, frequently less than $1, allowed thieves to access bank and shopping accounts.

Reports say Genesis Market offered hackers access to “bots” or “browser fingerprints, ” enabling them to impersonate victims’ online browsers. These fingerprints included IP addresses, session cookies, operating system details, and plugins.

They generated money by renting out the account identities using bots that had stolen accounts together with the fingerprint information that gave the access the appearance of being authorized.

Genesis Market operators made it simpler for clients by offering browser plug-ins that could import the login information and digital fingerprints of a hijacked account, immediately assuming the digital identity of the actual owner. Buyers may pay less than $10 for access to an account for a specified period, depending on the type of account.

Many services with global user accounts were accessible through Genesis Market. Gmail, Facebook, Netflix, Spotify, WordPress, PayPal, Reddit, Amazon, LinkedIn, Cloudflare, Twitter, Zoom, and eBay were a few among them.

Building Your Malware Defense Strategy – Download Free E-Book

Related Read: