Britain's National Crime Agency (NCA) announced that dark web marketplace Genesis Market has been taken down following a multinational crackdown, which resulted in about 120 arrests, more than 200 searches and almost 100 pieces of preventative activity efforts.
Operation Cookie Monster was led by the FBI and the Dutch National Police, but it involved the efforts of 17 other countries such as Australia, Canada, Denmark, Estonia, Finland, France, the United States, the UK, Germany, Iceland, Italy, New Zealand, Poland, Romania, Spain, Sweden and Switzerland.
Genesis Market was launched in 2018 and included stolen credentials and other pieces of sensitive information. The website specialised in the sale of digital goods, particularly ‘browser fingerprints’ obtained from compromised computers that were infected with malicious software.
Analysts from British cybersecurity firm Searchlight Cyber explained that these browser fingerprints can include cookies, credentials, internet protocol addresses, and other browser or operating system details. These details can be exploited by criminals to circumvent anti-fraud solutions such as multi-factor authentication or device fingerprinting.
NCA officials cited by Reuters estimated that Genesis Market hosted about 80 million credentials and digital fingerprints stolen from more than 2 million people. Cybersecurity firm Qintel was also involved in the multinational crackdown, as its banner is visible on the seized website alongside those of the Europol, NCA, Eurojust, and other law enforcement agencies.
As for the administrators of the Genesis Market, US Treasury data cited by Reuters indicates that they operated from Russia.
Europol revealed that its European Cybercrime Centre (EC3) has been supporting an investigation into Genesis Market since 2019 by coordinating international activity with the help of the Joint Cybercrime Action Taskforce (J-CAT). EC3’s support included data analysis, the organisation of operational meetings, and the facilitation of the information exchange. Europol’s headquarters in The Hague hosted a command post that ensured everything would go smoothly on the action day across the world.
Europol also emphasised that there were over 1.5 million bots listed on Genesis Market, which means that a large number of credentials have ended up for sale on this criminal marketplace. In order to find out if their information has been compromised, the Dutch Police has developed a portal that allows individuals to fill in their email addresses and perform a check. It’s worth noting that users will receive a reply in their email from the police only if their data has been compromised.
If they do receive a reply, individuals are advised to run an antivirus scan followed by a complete password change. They should also notify any relevant stakeholders, as well as their banks, insurance companies and other important third parties.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now