The FBI cracked down on “Genesis Marketplace,” an infamous cybercrime hub that sold stolen data to perpetrators worldwide.
Yesterday, several domains linked to the underworld marketplace went down; accessing them would prompt an FBI seizure notice to visitors instead of their regular homepages. The intervention, dubbed “Operation Cookie Monster,” was the work of law enforcement agencies from Australia, the US, the UK, Canada, Denmark, Germany, the Netherlands, Spain and Sweden.
The notice further explained that the domains were seized under a warrant signed by the US District Court for the Eastern District of Wisconsin. At the time of writing, neither the US Attorney’s Office for the Eastern District of Wisconsin nor the FBI has released any announcement.
Genesis Market is a notorious digital crime hub, active since 2018, that facilitated access to compromised systems to threat actors. “Our store sells bots with logs, cookies, and their real fingerprints,” read the malicious marketplace’s slogan.
The “bots” sold on the now-defunct website provided perpetrators with the victim’s entire collection of authentication cookies. Loading the victim’s cookies into their browsers allowed threat actors to log into their accounts without knowing their passwords. To make matters worse, stolen authentication cookies also sometimes skirt multi-factor authentication mechanisms.
To help customers import purchased bots, operators developed a special browser dubbed “Genesis Security,” which was also conveniently available as a browser extension. A Wiki was also created to help unfamiliar users buy, load and use the bots.
The seizure of Genesis Marketplace-linked domains allegedly triggered a spate of arrests worldwide, as The Record reported. Operators ran the infamous marketplace on both the dark web and regular websites.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsDecember 19, 2024
November 14, 2024