Criminal Marketplace, Genesis Market, Shut Down
In a coordinated global effort, law enforcement agencies have shut down one of the largest criminal marketplaces, Genesis Market, used by online fraudsters to purchase victims’ login details, IP addresses, and other personal data. Law enforcement agencies from 17 countries, including the UK, US, and Australia, participated in the raids that led to 120 arrests and the seizure of the Genesis website. The marketplace, operating since 2017, had 80 million sets of credentials and digital fingerprints for sale, enabling fraudsters to access bank, email, and shopping accounts without triggering security alerts.
The UK’s National Crime Agency (NCA) arrested 24 individuals suspected of using the site, including two men in Grimsby, Lincolnshire, who were detained on suspicion of fraud and computer misuse. The operation, dubbed “Operation Cookie Monster,” was led by the FBI and the Dutch National Police, who collaborated with agencies from Europe and Australia. Robert Jones, director general of the National Economic Crime Centre at the NCA, emphasised the need for criminals to fear that their own credentials were compromised.
Genesis Market, notable for its user-friendly, English-language interface, operated on both the open and dark web, providing customers with a purpose-built browser to mimic victims’ computers. The marketplace sold login information for various accounts, including Facebook, PayPal, Netflix, and Amazon, and even notified criminals if the purchased passwords changed. Victims’ data, which could be used for fraud or ransomware attacks, typically sold for less than £1 or up to hundreds of Pounds. The data that led to the 2021 hack of gaming giant Electronic Arts (EA) was sold for just $10 on the website.
The NCA estimates that there were about two million victims worldwide, with tens of thousands in the UK. Businesses (and members of the public) are advised to keep their device software up-to-date, use multi-factor authentication where possible, and ensure they use strong passwords which include random words, numbers and special characters and do not use the same passwords for multiple accounts. We also suggest the use of a password manager which is also protected by multi-factor authentication or is linked into a business’s existing single-sign-on solution.
If you want to find out if your credentials have been leaked on the dark web full out the form at the link below to request for a FREE one off Business Dark Web Scan, this can also be made available for businesses as a managed service to ensure that if any of your accounts do become available on the dark web, that you receive instant alerts and One2Call can assist you with making sure that your accounts remain secure.
Latest News Stories
How can you modernise your Business Security?
When it comes to business buildings, they often have a large footfall, so protecting and securing your building is vital. Moving away from the old-fashioned methods of building access is the way to take control of security at the points of access. One2Call’s access...
Is your business ready for the ISDN/PSTN Switch Off?
In 2025, the older ISDN and PSTN systems will be switched off, leaving businesses that are still using these older systems at that time without a functioning service. This means that now is the time to start thinking about updating your business phone system to a more...
Protecting your Business from Cyber Attack
Cyber attacks are a constant threat to modern businesses, but how well your business handles them depends on the solutions you have in place to protect yourself. Ignoring cybersecurity can have serious consequences, such as losing private information and breaching...
Our Customers
Testimonials
Rebecca, Straaltechniek
Pawel is great and very helpful!
Chris, Kelham Hall
Another 5 star Job from One2Call’s top man.
Annette, Logo Leisurewear
Happy with excellent service by Pawel and Adam getting my new PC just as I need it to be set up. Thanks.