A coalition of international law enforcement agencies, led by the FBI in the United States and the Dutch National Police, have coordinated the takedown of Genesis Market, a major online criminal marketplace that offered packages of stolen credentials for sale to cybercriminals. Genesis Market facilitated cybercrime by advertising and selling stolen access credentials used to compromise accounts in the financial sector, critical infrastructure, and government agencies.
Genesis Market’s Seized
According to the US Department of Justice, the Genesis Market’s website has been seized, and law enforcement is currently working to identify the most prolific users of the market who used the stolen access credentials to carry out cybercrimes. Authorities have also seized 11 domain names used to support Genesis Market’s infrastructure.
The DOJ revealed that Genesis Market has been in operation since 2018 and has provided access to stolen data from over 1.5 million compromised devices worldwide, containing more than 80 million account access credentials. Apart from stolen credentials, Genesis Market was one of the largest initial access brokers in the cybercrime world, providing access frequently used by ransomware actors.
Authorities say that the criminal marketplace was user-friendly, offering users the ability to search for stolen credentials based on location and account type. Additionally, the market offered device fingerprints, unique combinations of device identifiers and browser cookies that circumvented anti-fraud detection systems used by many websites.
Global Raids and Arrests
The global crackdown on Genesis Market resulted in over 200 searches and the arrest of 120 people in 17 countries. The UK’s National Crime Agency (NCA) was part of the coordinated raids and arrested 24 people, including two men aged 34 and 36 in Grimsby, Lincolnshire, suspected of fraud and computer misuse.
The Genesis Market was a significant contributor to cybercrime, selling login details, IP addresses, and other data that comprised victims’ “digital fingerprints” for as little as $1.00. Fraudsters could use this personal information to log into bank and shopping accounts, essentially assuming the identity of the victim.
The Dutch National Police have launched a portal on their website where the public can check whether their data has been compromised. The NCA called Genesis Market “an enormous enabler of fraud,” and the director general of the National Economic Crime Centre at the NCA, Robert Jones, stated that “we now want criminals to be afraid that we have their credentials, and they should be.”
The takedown of Genesis Market is a significant win for law enforcement and a major blow to cybercriminals who relied on the marketplace to perpetrate their crimes. The global coordination of the raids sends a strong message that international cooperation among law enforcement agencies is essential in the fight against cybercrime. The public must take steps to secure their online accounts by using strong and unique passwords, enabling two-factor authentication, and regularly monitoring their financial and shopping accounts.