Criminal Marketplace, Genesis Market, Shut Down
In a coordinated global effort, law enforcement agencies have shut down one of the largest criminal marketplaces, Genesis Market, used by online fraudsters to purchase victims’ login details, IP addresses, and other personal data. Law enforcement agencies from 17 countries, including the UK, US, and Australia, participated in the raids that led to 120 arrests and the seizure of the Genesis website. The marketplace, operating since 2017, had 80 million sets of credentials and digital fingerprints for sale, enabling fraudsters to access bank, email, and shopping accounts without triggering security alerts.
The UK’s National Crime Agency (NCA) arrested 24 individuals suspected of using the site, including two men in Grimsby, Lincolnshire, who were detained on suspicion of fraud and computer misuse. The operation, dubbed “Operation Cookie Monster,” was led by the FBI and the Dutch National Police, who collaborated with agencies from Europe and Australia. Robert Jones, director general of the National Economic Crime Centre at the NCA, emphasised the need for criminals to fear that their own credentials were compromised.
Genesis Market, notable for its user-friendly, English-language interface, operated on both the open and dark web, providing customers with a purpose-built browser to mimic victims’ computers. The marketplace sold login information for various accounts, including Facebook, PayPal, Netflix, and Amazon, and even notified criminals if the purchased passwords changed. Victims’ data, which could be used for fraud or ransomware attacks, typically sold for less than £1 or up to hundreds of Pounds. The data that led to the 2021 hack of gaming giant Electronic Arts (EA) was sold for just $10 on the website.
The NCA estimates that there were about two million victims worldwide, with tens of thousands in the UK. Businesses (and members of the public) are advised to keep their device software up-to-date, use multi-factor authentication where possible, and ensure they use strong passwords which include random words, numbers and special characters and do not use the same passwords for multiple accounts. We also suggest the use of a password manager which is also protected by multi-factor authentication or is linked into a business’s existing single-sign-on solution.
If you want to find out if your credentials have been leaked on the dark web full out the form at the link below to request for a FREE one off Business Dark Web Scan, this can also be made available for businesses as a managed service to ensure that if any of your accounts do become available on the dark web, that you receive instant alerts and One2Call can assist you with making sure that your accounts remain secure.
Latest News Stories
Businesses Exposed in MOVEit Data Breach targeted by Ransom Demand
The notorious cyber crime syndicate, believed to be stationed in Russia, known as the Clop group, has sent an ominous warning to victims of a recent global cyber attack. In a message posted on the dark web, the group has urged those impacted by the MOVEit hack to...
London School Forced to Shut Down Amid “Devastating” Cyber Attack
Leytonstone School, situated in Waltham Forest, London, has forced to shut its doors due to a severe cyber attack on the school. The assault on the school's IT infrastructure has been described as "devastating", resulting in a significant quantity of private data...
British Airways & Boots Staff Personal Data Exposed In Data Breach
In a recent disclosure by British Airways (BA), it was reported that all its UK-based staff have had their personal data exposed in a cyber attack. The information compromised in this security breach includes bank and contact details. This breach occurred following an...
Mark, Modern Creatives
Speed of response and excellent customer service, we like working with smaller local suppliers rather than faceless national providers for these reasons.
Hannah, Sutton McGrath Hartley
Easy to get in touch with, very efficient in responding and quick to provide assistance.
Pete Richardson, DALP
Always provide very prompt support. Excellent.