The international police have taken down the “most dangerous marketplace” which used to sell “stolen account credentials” to hackers worldwide, Europol said in a statement.
The law enforcement agency, carrying out the operation, involving 17 countries, on Tuesday, shut down the Genesis Market and seized its infrastructure.
The US Federal Bureau of Investigation (FBI) and the Dutch National Police (Politie) led this international sweep, with a command post set up at Europol’s headquarters on the action day to coordinate the various enforcement measures being carried out around the world.
Simultaneous actions were also carried out across the globe against the users of this platform, leading to the arrest of 119 people, 208 properties and 97 knock-and-talk measures, according to the statement.
According to Europol’s statement, “Genesis Market was considered one of the biggest criminal facilitators, with over 1.5 million bot listings totalling over 2 million identities at the time of its takedown.”
Main criminal commodity was digital identities
“Genesis Market’s main criminal commodity was digital identities. This marketplace would offer for sale what the market owners referred to as ‘bots’ that had infected victims’ devices through malware or account takeovers attacks,” the statement read.
Upon purchase of such a bot, criminals would get access to all the data harvested by it such as fingerprints, cookies, saved logins and autofill form data.
This information was collected in real-time – the buyers would be notified of any change of passwords, etc.
Price per bot would range from as little as USD 0.70 up to several hundreds of dollars
The price per bot would range from as little as USD 0.70 up to several hundreds of dollars depending on the amount and nature of the stolen data. The most expensive would contain financial information which would allow access to online banking accounts.
The criminals buying these special bots were not only provided with stolen data, but also with the means of using it. Buyers were provided with a custom browser which would mimic one of their victims. This allowed the criminals to access their victim’s account without triggering any of the security measures from the platform the account was on.
These security measures include recognising a different log-in location, a different browser fingerprint or a different operating system, as per the statement.
In addition, unlike other criminal marketplaces, Genesis Market was accessible on the open web, although obscured from law enforcement behind an invitation-only veil.
Its accessibility and cheap prices greatly lowered the barrier of entry for buyers, making it a popular resource among hackers