Washington – A sophisticated cybercrime marketplace that sold the “digital fingerprints” of hacked computer systems was toppled on Tuesday after more than 100 suspected users were arrested in a coordinated international seizure operation, the Justice Department and the FBI said on Wednesday.
Genesis Market – a darknet site that sold data containing login credentials for bank accounts, social media passwords and IP addresses of victims of identity theft and data breaches – sold 80 million credential sets from more than 1.5 million compromised computers, according to investigators.
Dubbed “Operation Cookie Monster” – a nod to identifying data called “cookies” collected from individual computers – the international law enforcement action led by the FBI and its European partners resulted in the arrest of nearly 120 suspected users of the illegal exchange and seizure of the Genesis domain. A total of 15 countries including the UK and Australia have joined the operation.
Some suspects have been arrested in the United States, according to senior law enforcement officials, and the investigation is continuing.
In the more than five years since its inception, Genesis has acted as one of the most prolific initial access brokers of stolen information, allegedly selling data that was then used by ransomware attackers to access computer networks in the United States and around the world. The stolen data the market advertised for sale included identifying information related to the financial sector, critical infrastructure and all levels of government, the Justice Department said.
Users from almost every country in the world could buy the kind of personal information they wanted online. The Genesis website made it easy to find, based on location or account type. Senior law enforcement officials said Genesis, which operated by invitation only, sold bots that essentially acted as a “subscription” service to access compromised systems, sometimes updating login credentials as victims changed their passwords. This ensured continued access to targeted systems.
“We’re not just suing admins or taking down the view. We’re suing users,” the officials said in announcing Genesis’ takedown.
The seizure of Genesis is the latest in recent operations by US investigators and their partners around the world to target bad actors on the internet. Last month, the FBI arrested the founder of BreachForums, one of the world’s largest exchanges allowing cybercriminals to buy, sell and trade hacked or stolen data, including bank accounts and phone numbers. special security. And in January, the FBI and international law enforcement partners took down a ransomware group after more than a year of spying on cybercriminals from inside the network. The criminal enterprise, known as Hive, has targeted over 1,500 institutions in over 80 countries since June 2021, raising over $100 million from its victims.
“Our seizure of Genesis Market should serve as a warning to cybercriminals who operate or use these criminal marketplaces: the Department of Justice and our international partners will stop your illegal activities, find you, and bring you to justice,” Attorney General Merrick Garland said in a written statement Wednesday.
Federal investigators are advising potential victims of Genesis’ sale of personal data to visit HaveIBeenPwned.com, a free service, to determine whether their information has been compromised in the scheme and, if necessary, to change their login credentials.