Europol announced on Wednesday that one of the biggest cybercrime markets in the world has been shut down after a huge operation.
This online market, known as Genesis Market, traded in millions of stolen identities and account details.
According to Europol, authorities worldwide participated in “Operation Cookie Monster” and 120 people have already been arrested. A total of 17 countries’ authorities were involved in the operation, which was led by the FBI and the Dutch police. Manhunts already kicked off early on Tuesday morning.
Europol explains that Genenis Market, among other things, sold stolen account credentials to hackers worldwide. This includes account details and passwords for popular websites such as Airbnb, Amazon, Ebay, Facebook, PayPal and Netflix. Criminals who bought these stolen details were even notified by Genesis if legitimate subscribers changed their passwords on these sites.
More than two million people’s accounts and details were listed for sale on Genesis Market at the time of the raid. Their customers were apparently spread all over the world.
Suspects were arrested in Australia, Britain, Canada, the USA and in ten European countries, among others.
Edvardas Sileris, head of Europol’s European cybercrime center who helped with the operation, says the Genesis Market played a key role in the cybercrime market and that its closure has now disrupted the entire cybercrime ecosystem.
BBC report that Genesis Market not only traded on the dark web, but also on the public web. This English website was launched in 2017 and was known for its user-friendly appearance.
Anyone who tried to log into the Genesis website on Wednesday would see a message that read: “Operation Cookie Monster. This website has been seized.”
Genesis Market reportedly offered 80 million sets of details such as login details, digital fingerprints, passwords and the like for sale.
The National Economic Crime Center (NCA) in Britain labeled the website a “massive enabler of fraud”.
“For far too long, criminals have stolen details from innocent members of the public,” said Robert Jones, director general of the NCA, according to the BBC.
“We now want criminals to be afraid that we have their details – and they should be afraid.”
Jones says the website was very sophisticated and used the victims’ stolen data in such a way that it did not raise any red flags regarding security. It has even occurred if the stolen data is used by the victim himself in the same place where the victim would normally use his or her device to log into websites.
Moreover, it was easy for anyone to use Genesis’ website and thus did not require perpetrators to be experienced hackers.
Victims’ details could be purchased for as little as $1 dollar (about R18) or $100 (about R1 800).
Individuals as well as businesses have been victims of the corrupted website.
The police is the Netherlands meanwhile has a portal on its website created where members of the public can check if their data has been compromised.