FBI seizes a giant online marketplace for stolen logins
Genesis Market was a haven for ransomware hackers.
Law enforcement just took down an important hacker haven. TechCrunch reports the FBI has seized Genesis Market, a major marketplace for stolen logins, as part of an international campaign dubbed "Operation Cookie Monster." The UK's National Crime Agency adds that authorities arrested roughly 120 people worldwide as part of the bust, including 19 site users in that country.
We've asked the FBI and Justice Department for comment. In a release, the Justice Department says the seizure took down a "key enabler" of ransomware. Beyond the US and UK, the campaign included agencies from Australia, Canada, Denmark, Sweden and European countries like Germany and Poland. Europol and the EU's Eurojust were also involved.
Genesis Market was founded in March 2018 and sold logins, cookies and browser fingerprints taken from breached systems. Hackers could not only sign into accounts, but impersonate web browsers to access those accounts without needing a password or two-factor authentication token. So long as Genesis could still reach a victim's devices, it could offer up-to-the-minute data from that victim — a valuable resource for hackers that sometimes have to settle for old and sometimes useless data.
The black market shop has sometimes been linked to high-profile cybercrime incidents. Motherboard noted that the intruders behind the 2021 EA hack said they bought a $10 bot from Genesis to hijack a Slack account at the game publisher.
The seizure and arrests won't stop sites from peddling bootleg logins. It won't be surprising if many of Genesis Market's customers turn to smaller marketplaces. All the same, this is a significant action that could make it harder for attackers to simply buy the login data they need. It also comes as law enforcement is stepping up efforts to disrupt the ransomware networks themselves. In theory, digital extortion is a more difficult proposition than it was even a few months ago.
