Posted on April 6, 2023 at 7:51 PM

Genesis marketplace was taken down by authorities in Operation Cookie Monster

Law enforcement authorities have taken down one of the largest online hacker marketplaces, Genesis Market. The marketplace has been taken down in an international operation spearheaded by the Federal Bureau of Investigations (FBI), the Dutch National Police and the support of Europol.

Authorities take down one of the largest online hacker marketplaces

Genesis Market is a platform that specializes in trading digital identities. This platform offers ‘bots’ browser fingerprints. Hackers worldwide used the platform and infected victims’ devices by launching malware campaigns and conducting account takeovers.

Hackers use the platform to trade information stolen from users through hacking exploits. The price of the information stolen from the platform ranges from 70 cents for basic personal data of individuals to hundreds of dollars for corporate accounts or financial fraud opportunities that enable access to online banking.

When the interested parties purchase data offered for sale on this platform, they will access the entire data harvested by a bot. The data the purchasers can access include cookies, fingerprints, saved login details and the data listed on autofill forms.

The access given to the other threat actors involved in the campaign was available for multiple applications on user devices. The services include Amazon, eBay, Facebook, Gmail, LinkedIn, Netflix, PayPal, Spotify, Twitter, WordPress, and Zoom. The hackers targeting these platforms might have access to a wide range of user data because these platforms are increasingly popular.

The purchasers also accessed a browser designed to appear similar to the victim’s browser. The browser allowed the hackers to access accounts from users without triggering any security measures. This initiative is achieved by mimicking the usual location and the operating system.

The victims of these hacking campaigns were subjected to attacks such as fraud, ransomware, sim-swapping, and stealing the corporate code. However, law enforcement authorities have now taken down this marketplace.

When authorities took down the Genesis Marketplace, it contained over 1.5 million bot listings. The marketplace also had more than two million stolen identities. The operation conducted by the authorities is named “Operation Cookie Monster.” The raid against this market was conducted globally, triggering 208 property searches, 199 arrests, and 97 “knock and talk” strategies.

The website of the Genesis marketplace currently features a message that the FBI has published. The message explains that the site has been seized and authorities have taken it down. However, the authorities are also calling for more information about the partners of the site administrators, indicating that the authorities have yet to uncover the identity of the people behind the site.

Europol participated in the operation

Besides the FBI and the Dutch National Police, Europol also participated in this operation. The head of the Europol European Cybercrime Centre, Edvardas Sileris, commented on this operation saying that the marketplace targeted people globally. Sileris noted that the operation’s success was attributed to the international partners that worked with authorities on the matter.

“Through the combined efforts of all the law enforcement authorities involved, we have severely disrupted the criminal cyber ecosystem by removing one of its key enablers,” Sileris said.

The Genesis marketplace was accessible through the open web, and people could only access this platform through invitation. The marketplace has been operational for around five years, mainly targeting professional hackers. The platform provides tools for customers, user support, and a search function feature.

The director general NECC and threat leadership of the UK’s National Crime Agency, Rob Jones, commented on this development, saying that cybercriminals and fraudsters used technical infrastructure to conduct their operations. This infrastructure offered the tools needed by hackers to conduct their attacks and offer the means needed to benefit from attacks.

Jones noted that Genesis Market was a major example of this service and it was among the most popular platforms in the hacking industry. Removing the marketplace will guarantee that criminals who used the platform globally can no longer do so.

The Dutch authorities have created a portal that can be used to check whether the information of an individual was compromised. The authorities have also suggested that the affected individuals need to install anti-virus software and reach out to important third-parties such as banks and insurance companies.