On Wednesday, Britain’s NCA announced that “Operation Cookie Monster.” had seized a massive dark web bazaar popular with hackers.
Genesis Market’s website said late Tuesday that the FBI had seized the company’s domains. The site also featured Qintel and European, Canadian, and Australian police logos.
“We assess that the Genesis is one of the most significant access marketplaces anywhere in the world”. Said NCA Director General of Threat Leadership Rob Jones.
Moreover, The NCA believed the service stored 80 million stolen credentials and digital fingerprints from over 2 million people.
Deputy Attorney General Lisa Monaco claimed many forum participants arrested on Tuesday. A senior FBI officer confirmed US arrests but declined to elaborate. Genesis inquiry continues.
Moreover, The US Treasury Department labelled the market “one of the most prominent brokers of stolen credentials and other sensitive information.” in issuing sanctions.
The FBI and Dutch National Police led the operation. It resulted in 120 arrests, over 200 searches, and around 100 “preventative activity.” across 17 nations, according to British officials.
Qintel did not respond to requests for comment, and Reuters could not find Genesis Market’s administrators, whom the US Treasury said Russian.
Browser Fingerprints
Louise Ferrett, an expert at British cybersecurity firm Searchlight Cyber, said Genesis specialised in selling digital items, including “browser fingerprints” from hacked PCs.
She claimed criminals can utilise fingerprints with credentials, cookies, IP addresses, and other browser or operating system characteristics to defeat anti-fraud measures like multi-factor authentication or device fingerprinting.
The site launched in 2018.
Moreover, Genesis sold stolen data credentials for 70 cents to hundreds of dollars, according to the NCA.
“To get up and running on this you just have to know of the site. As well as potentially be able to get yourself an invite which given the volume of users probably wouldn’t be particularly difficult”. Said NCA Chief of Cyber Intelligence Will Lyne. “Once you become a user, it’s really easy to then … perpetrate criminal activity.”
While, Australia, Canada, Denmark, Estonia, Finland, France, the US, the UK, Germany, Iceland, Italy. New Zealand, Poland, Romania, Spain, Sweden, and Switzerland were investigated by the NCA.
“The Genesis Market lowered the barrier to entry for ransomware groups and allowed many cybercriminals to swiftly scale their operations and carry out targeted attacks for immediate financial benefit,” said John Fokker, chief of threat intelligence for US cybersecurity firm Trellix. “Without even factoring in the arrests of Genesis Market members. Simply removing this immense cybercriminal marketplace from the web will significantly slow down cybercriminal activity.”
