Operation Cookie Monster breaks up stolen data-a-service illegal provider. Genesis.market, a well-known place to get stolen passwords, has had its website taken down by the FBI.
Sophos, a security company, says that genesis.market is "an invitation-only marketplace" where people can buy "stolen credentials, cookies, and digital fingerprints that are gathered from compromised systems."
The stolen data souk was called an initial access broker (IAB) by Sophos. An IAB is a business that breaks into systems and services, takes data, and sells it. Lifting "credentials, cookies, and digital fingerprints" was what Genesis.market did best. It sold that information and also had a subscription service that gave people who were being watched up-to-date information.
The security firm also found Genesis had "customer-service features that let bad actors concentrate on doing crimes, not tech" such as a "polished interface with good data-correlation capabilities; effective and well-maintained tools for customers, including a robust search function; and mainstream accoutrements such as a FAQ, user support, pricing in dollars (though payment is in Bitcoin), and competent copyediting."
At the time of writing, neither the FBI nor the Department of Justice, which is the FBI's parent body, had said anything about the seizure.
But people who went to genesis.market knew the site was gone because all of its material except for the splash screen below it has been deleted.
The fact that there are a lot of law enforcement logos around the guy in the hoodie above suggests that the FBI probably worked with other agencies from around the world. Genesis Market had more than one domain name. To get them all, law enforcement forces from different countries would have had to work together across borders.
- FBI seizes Genesis Market, a notorious hacker marketplace for stolen logins