Genesis Market Taken Offline
Genesis Market, one of the biggest online marketplaces that catered to criminals seeking stolen credentials worldwide, has been taken down by a joint operation led by the FBI and the Dutch National Police.
The National Crime Agency, in collaboration with 17 countries, played a significant role in dismantling the nefarious platform, which had amassed around 80 million credentials and digital fingerprints from over two million people.
The investigation led to the identification of several UK-based users, with information being shared among the police forces, leading to coordinated raids by the NCA, Regional Cyber Crime Units, and other police forces.
This effort resulted in 19 arrests in the UK, including two men aged 34 and 36 who were apprehended by the NCA in Grimsby on charges related to the Computer Misuse Act and fraud.
The takedown of Genesis Market is a significant win in the fight against cybercrime and serves as a warning to those who engage in such illicit activities.
Genesis Market was not limited to the dark web and operated on the open web with a user-friendly interface in English. Since its establishment in 2017, it was recognized for its expertise in selling login data, including passwords and other elements of a victim’s “digital fingerprint,” such as browsing history, cookies, autofill form data, IP address, and location, that facilitated online fraud. This allowed criminals to access victims’ bank, email, and shopping accounts, redirect deliveries, and even change passwords without being detected. The platform provided login data for a variety of accounts, such as Facebook, PayPal, Netflix, Amazon, eBay, Uber, and Airbnb, and even alerted customers when the passwords changed.
To help customers commit fraud without raising suspicion, Genesis provided a specially designed browser that mimicked the victim’s device and location, allowing them to access accounts without triggering any security alerts. According to Robert Jones, Director General of the National Economic Crime Centre at the NCA, the website was highly sophisticated and accessible on both the open web and the dark web, making it simple for even novice cybercriminals to get started.
Depending on the amount of data available, a victim’s information could sell for as little as $1 or as much as hundreds of dollars. While Genesis was primarily used for fraud, the stolen data could also be used for ransomware attacks, in which hackers block access to data and demand payment for its release.