Criminal Marketplace, Genesis Market, Shut Down

In a coordinated global effort, law enforcement agencies have shut down one of the largest criminal marketplaces, Genesis Market, used by online fraudsters to purchase victims’ login details, IP addresses, and other personal data. Law enforcement agencies from 17 countries, including the UK, US, and Australia, participated in the raids that led to 120 arrests and the seizure of the Genesis website. The marketplace, operating since 2017, had 80 million sets of credentials and digital fingerprints for sale, enabling fraudsters to access bank, email, and shopping accounts without triggering security alerts.

The UK’s National Crime Agency (NCA) arrested 24 individuals suspected of using the site, including two men in Grimsby, Lincolnshire, who were detained on suspicion of fraud and computer misuse. The operation, dubbed “Operation Cookie Monster,” was led by the FBI and the Dutch National Police, who collaborated with agencies from Europe and Australia. Robert Jones, director general of the National Economic Crime Centre at the NCA, emphasised the need for criminals to fear that their own credentials were compromised.

Genesis Market, notable for its user-friendly, English-language interface, operated on both the open and dark web, providing customers with a purpose-built browser to mimic victims’ computers. The marketplace sold login information for various accounts, including Facebook, PayPal, Netflix, and Amazon, and even notified criminals if the purchased passwords changed. Victims’ data, which could be used for fraud or ransomware attacks, typically sold for less than £1 or up to hundreds of Pounds. The data that led to the 2021 hack of gaming giant Electronic Arts (EA) was sold for just $10 on the website.

The NCA estimates that there were about two million victims worldwide, with tens of thousands in the UK. Businesses (and members of the public) are advised to keep their device software up-to-date, use multi-factor authentication where possible, and ensure they use strong passwords which include random words, numbers and special characters and do not use the same passwords for multiple accounts. We also suggest the use of a password manager which is also protected by multi-factor authentication or is linked into a business’s existing single-sign-on solution.

If you want to find out if your credentials have been leaked on the dark web full out the form at the link below to request for a FREE one off Business Dark Web Scan, this can also be made available for businesses as a managed service to ensure that if any of your accounts do become available on the dark web, that you receive instant alerts and One2Call can assist you with making sure that your accounts remain secure.

Latest News Stories