Genesis Market offered access to data stolen from more than 1.5 million compromised computers worldwide and was a key enabler of ransomware. The US Department of Justice has announced a coordinated international operation against Genesis Market, a criminal online marketplace that posted and sold bundles of account access credentials – such as usernames and passwords for email, bank and social media accounts – stolen using malware.
“Working with 45 of the FBI’s field offices and alongside our international partners, the Department of Justice was able to shut down a major criminal market that allowed cybercriminals to target individual victims, businesses and governments around the world,” said the US Attorney General.
“The Genesis Market seizure should serve as a warning to cybercriminals who operate or use these criminal markets: The Department of Justice and our international partners will shut down your illegal activities, find you, and bring you to justice.
“Genesis falsely promised a new era of anonymity and impunity, but ultimately only provided a new way for us to identify, track down, and arrest online criminals. The Justice Department shines a light on the darkest corners of the Internet—in the past year alone, our agents, prosecutors, and partners have disrupted markets The biggest on the dark web – Hydra Market, BreachForums and now Genesis. Each takedown is another blow to the cybercrime ecosystem.”
Since its inception in March 2018, Genesis Market has offered access to data stolen from over 1.5 million compromised computers worldwide containing over 80 million account credentials.
Account access credentials posted for sale on the Genesis Market included those related to the financial sector, critical infrastructure, and federal, state, and local government agencies. Genesis Market has also been one of the most prolific Initial Access Brokers (IABs) in the cybercrime world. IABs attract criminals looking to easily penetrate a victim’s computer system.
As part of this operation, dubbed Operation Cookie Monster, law enforcement seized 11 domain names used to support Genesis Market’s infrastructure pursuant to a warrant approved by the US District Court for the Eastern District of Wisconsin.
A publication by Europol, also a partner in bringing down the cybercrime market, adds that “an unprecedented law enforcement action involving 17 countries resulted in the takedown of Genesis Market, one of the most dangerous marketplaces that sells stolen account credentials to hackers worldwide. As a result of this operation on April 4, this illegal service was disabled and its infrastructure seized.’
The simultaneous actions carried out around the world against the users of this platform, resulted in 119 arrests, 208 property searches and 97 “door knocking and questioning” measures.
The international operation was led by the US Federal Bureau of Investigation (FBI) and the Dutch National Police (Politie), with a command post established at the Europol headquarters on the day of the operation to coordinate the various enforcement measures carried out worldwide. “Genesis Market is considered one of the largest criminal markets in the world, With over 1.5 million bot registrations totaling over 2 million identities at the time of its removal.’