A notorious hacker marketplace was shut down this week, thanks to efforts by the Dutch National Police and the Federal Bureau of Investigations.
On Wednesday, a forum for cybercriminals called Genesis Market was shut down as part of a raid carried out by international law enforcement agencies. The market was responsible for facilitating identity theft on a mass scale.
Involved in the raid were 45 different field offices for the FBI as well as multiple law enforcement partners in various countries around the world.
The project, called “Operation Cookie Monster,” involved law enforcement from 17 different countries, and it resulted in 119 people being arrested.
According to the Department of Justice, Genesis Market advertised and sold different packages of “account access credentials – such as usernames and passwords for email, bank accounts and social media – that had been stolen from malware-infected computers around the world.”
Reportedly, the forum had roughly 59,000 users registered on it. Genesis Market claimed that there was access to data that was stolen from more than 1.5 million different compromised computers from across the globe, and that contained access credentials to more than 80 million different accounts.
In commenting on the shutdown of Genesis Market this week, U.S. Attorney General Merrick Garland said:
“Working across 45 of our FBI Field Offices and alongside our international partners, the Justice Department has launched an unprecedented takedown of a major criminal marketplace that enabled cybercriminals to victimize individuals, businesses and governments around the world.
“Our seizure of Genesis Market should serve as a warning to cybercriminals who operate or use these criminal marketplaces: the Justice Department and our international partners will shut down your illegal activities, find you, and bring you to justice.”
According to Europol, users on the Genesis Market could purchase a bot. Once they did that, the “criminals would get access to all the data harvested by it such as fingerprints, cookies, saved logins and autofill form data.”
The site offered bots that were as cheap as a dollar or less, Europol said. However, some of the bots that were offered on the site sold for hundreds of dollars. Those higher-priced bots had financial information that ultimately gave criminals access to the online bank accounts that people around the world had.
Other information that was contained in those bots included digital fingerprints, as well as passwords that people used to access sites such as Netflix, PayPal, Amazon, Facebook and other major tech sites and social media platforms.
Hacker marketplaces that are hosted on the darknet have been an increasing focus for law enforcement agencies around the globe, but particularly the United States. American agencies have led the seizure of similar hacker marketplaces in the last year, such as BreachForums and Hydra Market.
The idea behind the focus on these marketplaces is that if criminals didn’t have a place to sell all the stolen data, maybe they wouldn’t steal it in the first place. In addition, it’s possible that some big-time criminals are participating in these marketplaces, in addition to even bigger crimes that they’re committing.