HQ/EMEAFind out how we can help your business
The FBI conducted a seizure operation that led to the shutdown of the domains used by Genesis Market – one of the most utilised dark web marketplaces in the cybercrime ecosystem. This operation, dubbed Operation Cookie Monster, aimed to takedown cybercriminal infrastructures that facilitate large-scale trade of stolen databases.
Since its initial emergence in 2017, Genesis Market has progressively become the most popular marketplace for cybercriminal actors, trading a wide array of illegal products and services, such as stolen databases from companies, online account credentials, bank accounts, session cookies, and digital fingerprints, among others.
Threat actors who have been the marketplace’s clients rent out account identities and fingerprint data of hack victims, allowing them to carry out identity fraud and other malicious activities. Genesis Market also provides its clients browser plug-ins to import compromised accounts’ login data and digital fingerprints.
Experts believe that Genesis Market’s seizure indicates how even one of the major dark web marketplaces could be crippled by law enforcement. Upon accessing the marketplace’s domains, a huge banner from the FBI would be displayed to notify site visitors about its downfall.
There currently is no statement released from the FBI about this matter.
Operation Cookie Monster is hunting down Genesis Market’s admins.
As seen from the banner posted on the seized Genesis Market domains, the FBI appears to be hunting its administrators, asking site visitors to email them for information. Thus, this implies that the authorities have yet to capture any of the marketplace’s owners despite being able to seize their domains.
Alongside the FBI is the contribution of efforts from different organisations that allowed Genesis Market’s domain seizure to happen. Some of these law enforcement agencies are AFP, Europol, Politi, NCA, Guardia Civil, and over a dozen other groups that helped Operation Cookie Monster succeed.
This news follows another recent cybercriminal infrastructure seizure involving authorities taking down ‘BreachForums’ and arresting its owner – Pompompurin. BreachForums is also one of the most active and infamous cybercriminal forums and marketplaces, where many threat actors gather to discuss cyberattack operations and purchase stolen databases.
