Genesis Market has been closed down in a massive, coordinated global law enforcement crackdown.
Genesis Market was one of the world’s biggest criminal marketplaces used by online fraudsters to buy passwords sold login details, IP addresses and other data that made up victims’ “digital fingerprints”.
Often costing less than $1, the personal information let fraudsters log into bank and shopping accounts.
Law enforcement agencies around the world were part of the co-ordinated raids, including the UK. During a series of raids, the UK’s National Crime Agency (NCA) arrested 24 people who are suspected users of the site.
Law enforcement agencies from 17 countries were involved in the raids, which began at dawn on Tuesday. The operation was led by the FBI in the US and the Dutch National Police, working alongside the NCA in the UK, the Australian Federal Police, and countries across Europe.
Globally, 200 searches were carried out and 120 people were arrested.
Genesis Market had 80 million sets of credentials and digital fingerprints up for sale, with the NCA calling it “an enormous enabler of fraud”.
“For too long criminals have stolen credentials from innocent members of the public,” says Robert Jones, director general of the National Economic Crime Centre at the NCA.
“We now want criminals to be afraid that we have their credentials, and they should be,” he added.
Genesis Market, set up in 2017, operated on the open web, not just the dark web and was notable for its user-friendly, English-language interface.
It was a one-stop shop for login data that enabled online fraud. Users could buy login information, including passwords, and other pieces of a victim’s “digital fingerprint”, such as their browser history, cookies, autofill form data, IP address and location.
This allowed fraudsters to log in to bank, email and shopping accounts, re-direct deliveries and even change passwords without raising suspicion.
Genesis provided its customers with a purpose-built browser which would use the stolen data to mimic the victim’s computer so it looked as if they were accessing their account using their usual device in their usual location. So the access did not trigger any security alerts.
“It was a very sophisticated website, very easy to use, with a wiki [website that can be modified or contributed to by users] telling you how to use it, and accessible on the open web and the dark web,” continues the NCA’s Jones.
“So you didn’t need to be a sophisticated cyber actor to get into this. You just needed to be able to use a search engine, and then you could start committing crime.”
Depending on how much data was available, a victim’s information would sell for less than $1, or for hundreds of dollars.
The post Fraud prevention: Genesis Market cybercrime site shut down appeared first on Payments Cards & Mobile.