Jago Times "English Edition" Best Online Newspaper
THE HAGUE: A global police operation has shut down one of the world’s largest online marketplaces where cybercriminals can buy stolen identities and passwords, international law enforcement said on Wednesday.
Genesis Market sold the identities of over two million people for as little as $0.70, allowing hackers to target bank accounts and carry out online fraud, officials in several countries said.
Police arrested 119 people in the huge crackdown, dubbed “Operation Cookie Monster”, which was led by the US Federal Bureau of Investigation (FBI) and Dutch police and involved 17 countries.
The website was based in Russia, according to the US Treasury, which said it had imposed sanctions against Genesis Market.
Europol said the “unprecedented law enforcement operation” had taken down “one of the most dangerous marketplaces selling stolen account credentials to hackers worldwide”.
“Genesis Market listed for sale the identities of over two million people when it was shut down,” the EU’s policing agency said.
Action against criminals took place in countries including Australia, Britain, Canada, the US and more than 10 countries in Europe. Britain’s National Crime Agency (NCA) said 24 people were arrested in Britain. Another 17 people were arrested in the Netherlands.
‘Most dangerous’
People trying to access the website on Wednesday saw a screen saying, “This website has been seized” and “Operation Cookie Monster”, along with a picture of a person in an FBI hoodie in front of a computer. A cookie is a piece of computer data that makes it easier to reopen web pages.
Europol said the site offered “bots” for sale that had infected victims’ devices through malware or other methods. “Upon purchase of such a bot, criminals would get access to all the data harvested by it such as fingerprints, cookies, saved logins and autofill form data,” it said.
The information was collected in real-time so buyers would be notified of any change of passwords. Prices for bots ranged from as little as $0.70 to several hundred dollars in the case of valuable bank account information, Europol said.
Unlike so-called “dark web” services, Genesis was available on the open web “although obscured from law enforcement behind an invitation-only veil”, the agency said.
“Its accessibility and cheap prices greatly lowered the barrier of entry for buyers, making it a popular resource among hackers.”
Dutch police said Genesis not only sold account information, but also copies of people’s online “fingerprints”, or unique digital information, allowing hackers to take over the victim’s life, he said.
The site had a worldwide reach, said the EU’s judicial agency, Eurojust, which is also based in The Hague.
The US Treasury Department in a statement said Genesis is believed to be located in Russia. “This action was coordinated with the US Department of Justice and international partners from a dozen countries,” it said.