The domain names for Genesis Market, a cybercrime marketplace that allowed criminals to pose as consumers on websites like Amazon and Fidelity, were seized by the FBI and other law enforcement organizations on Tuesday.
On Tuesday, Genesis' normal login page was replaced with a takedown notice asking anyone with further information about Genesis' administrators or operations to contact the FBI.
Matthew Gracey-McMinn, a cybersecurity researcher at Netacea, believes Genesis was a "big fish" and that its shutdown was a shot across the bow of other threat actors operating in this area.
The takedown, named Operation Cookie Monster, targeted an online marketplace where users could buy and sell data that could be used to impersonate legitimate users of a wide range of major platforms, including Dropbox, PayPal, Microsoft, Twitter, and a number of cryptocurrency exchanges.
These platforms have not been hacked or compromised in any way. Instead, criminals could buy digital "bots" containing data that hackers had stolen from users' devices, including information gathered from autofill forms, saved login information, and small digital files known as "cookies" that companies use to track users' online activity.
Genesis then provided its customers with a custom browser based on Google's Chromium project. Using this browser, bad actors were able to adopt the internet personas of hacked victims, including cookies and auto-filled passwords, in order to masquerade as the victim.
An estimated 350,000 "bots" were available on Genesis' platform by the end of 2021, according to a report published by Netacea.
Gracey-McMinn told Trade Algo that the bots sold on Genesis were of high quality and could fetch up to $450 each. Lower-quality hacked data that is still being sold on the market today can cost as little as $4 or $5, Gracey-McMinn said.
Even though Genesis has been taken down, it is unclear whether the FBI and other international law enforcement agencies will be able to detain Genesis' owners and administrators, who are most likely located in Russia or a Russian-speaking region, according to Gracey-McMinn. It is undeniable, however, that this is a "big blow to identity fraud's ease of perpetration," he added.
The FBI's Milwaukee field office referred requests for comment to the Bureau's main press office, which did not respond immediately to Trade Algo's request for comment.
Aside from the FBI, law enforcement agencies from Australia, Canada, Germany, Poland, Sweden, and the European Union were also involved in the investigation.