'Operation Cookie Monster': International police action seizes dark web market | Inquirer ºÚÁÏÉç

ºÚÁÏÉç

‘Operation Cookie Monster’: International police action seizes dark web market

/ 09:54 AM April 06, 2023

Projection of cyber code on hooded man is pictured in this illustration picture

FILE PHOTO: A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

WASHINGTON/LONDON — International law enforcement agencies have seized a sprawling dark web marketplace popular with cybercriminals, Britain’s National Crime Agency (NCA) said on Wednesday, in a multinational crackdown dubbed “Operation Cookie Monster.”

A banner plastered across Genesis Market’s site late on Tuesday said domains belonging to the organization had been seized by the FBI. Logos of other European, Canadian and Australian police organizations were also emblazoned across the site, along with that of cybersecurity firm Qintel.

Article continues after this advertisement

“We assess that the Genesis is one of the most significant access marketplaces anywhere in the world,” said Rob Jones, the NCA’s Director General of Threat Leadership.

FEATURED STORIES

The NCA estimated that the service hosted about 80 million credentials and digital fingerprints stolen from more than 2 million people.

US Justice Department Deputy Attorney General Lisa Monaco in a statement said many of the forum’s users were arrested on Tuesday. A senior FBI official said arrests had been made in the United States but declined to provide further details. The investigation into Genesis is still ongoing.

Article continues after this advertisement

The US Treasury Department in a statement announcing sanctions against the market called it “one of the most prominent brokers of stolen credentials and other sensitive information.”

Article continues after this advertisement

British authorities said 17 countries were involved in the operation, which was led by the FBI and Dutch National Police and resulted in about 120 arrests, more than 200 searches and almost 100 pieces of “preventative activity.”

Article continues after this advertisement

Qintel did not immediately return messages seeking comment and Reuters could not immediately locate contact details for Genesis Market’s administrators, which the US Treasury said were believed to operate from Russia.

Genesis specialized in the sale of digital products, especially “browser fingerprints” harvested from computers infected with malicious software, said Louise Ferrett, an analyst at British cybersecurity firm Searchlight Cyber.

Article continues after this advertisement

Because those fingerprints often include credentials, cookies, internet protocol addresses and other browser or operating system details, they can be used by criminals to bypass anti-fraud solutions such as multi-factor authentication or device fingerprinting, she said.

The site had been active since 2018.

The NCA said Genesis had operated by selling credentials from as little as 70 cents to hundreds of dollars depending on the stolen data available.

“To get up and running on this you just have to know of the site, potentially be able to get yourself an invite which given the volume of users probably wouldn’t be particularly difficult,” said Will Lyne, NCA Head of Cyber Intelligence. “Once you become a user, it’s really easy to then … perpetrate criminal activity.”

The NCA said countries involved in the investigation included Australia, Canada, Denmark, Estonia, Finland, France, the United States, the UK, Germany, Iceland, Italy, New Zealand, Poland, Romania, Spain, Sweden and Switzerland.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the and acknowledge that I have read the .

“The Genesis Market lowered the barrier to entry for ransomware groups and allowed many cybercriminals to swiftly scale their operations and carry out targeted attacks for immediate financial benefit,” said John Fokker, head of threat intelligence for US cybersecurity firm Trellix. “Without even factoring in the arrests of Genesis Market members, simply removing this immense cybercriminal marketplace from the web will significantly slow down cybercriminal activity.”

RELATED STORIES:

Cybersecurity is a matter of national security, experts tell Marcos

Ukraine hit by cyber attack as U.S. questions Russian troop pullback

globalnation
entertainment
globalnation
business
sports
TAGS: Cyber-Attack, Dark Web, world news

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the and acknowledge that I have read the .

© Copyright 1997-2024 ºÚÁÏÉç | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies.