In a global law enforcement campaign, one of the largest criminal marketplaces used by internet fraudsters to purchase passwords has been shut down. Genesis Market sold login credentials, IP addresses, and other information that comprised the "digital fingerprints" of victims.
Personal information frequently costing less than $1 allowed thieves to access bank and retail accounts.
International law enforcement agencies, including the United Kingdom, participated in the coordinated raids. During a series of searches, the National Crime Agency (NCA) of the United Kingdom apprehended 24 suspected site users. Two males in Grimsby, Lincolnshire, aged 34 and 36, are being held on suspicion of fraud and computer misuse. The raids, which began at dawn on Tuesday, included law enforcement authorities from seventeen countries.
The FBI in the United States and the Dutch National Police spearheaded the operation, with cooperation from the NCA in the United Kingdom, the Australian Federal Police, and European nations. 200 searches were conducted internationally, and 120 persons were arrested.
Wednesday visitors to the Genesis website saw the following message: "Mission: Cookie Monster. This site has been confiscated."
The NCA described Genesis Market as a "massive fraud enabler" due to the availability of 80 million sets of credentials and digital fingerprints.
Robert Jones, the NCA's general director of the National Economic Crime Centre mentioned that the criminals have taken identification documents from innocent members of the public for too long. The Dutch police have developed a portal on their website that allows the public to determine if their personal information has been compromised. Genesis Market operated on both the open and dark webs.
It was established in 2017 and distinguished by its English-language interface.
It was a hub for login information that enabled online fraud. Users were able to purchase login information, such as passwords, as well as the victim's browsing history, autofill form data, cookies, location and IP address. This allowed criminals to access bank, email, and shopping accounts, reroute packages, and even change passwords without raising suspicion.
There were Facebook, Netflix, PayPal, eBay, Amazon, Uber, and Airbnb passwords available for purchase. Genesis informed the criminals purchasing the information if the passwords changed.
Genesis provided its users with a custom-built browser that used the stolen information to mimic the victim's PC, making it appear as though they were accessing their account using their usual device and location. Hence, the access did not generate any security alerts. The victim's information may be sold for less than $1 or for hundreds of dollars, depending on the amount of data accessible.
While the majority of Genesis users accessed it for fraudulent purposes, the data for sale might also be used in ransomware attacks, in which hackers block access to data and demand payment to unlock it.
The individual's information that led to the Electronic Arts (EA) breach of 2021 was sold for $10.
Companies' information was also sold on the website, facilitating fraud, hacking of mobile phone numbers, and ransomware attacks. Many victims would realize something was amiss when they noticed fraudulent transactions on their account, or if they were fortunate, when they received a message indicating that someone had signed in as them.
Tens of thousands of offenders are believed to have used Genesis, including several hundred in the United Kingdom.