In an unprecedented police operation, the European police “Europol” announced, on Wednesday, that thanks to an international security operation, one of the largest electronic piracy platforms in the world, which was selling data belonging to stolen accounts, had been closed.
Europol said in a statement that the unprecedented police operation involving 17 countries made it possible to dismantle Genesis Market, one of the most dangerous electronic markets dedicated to crime in the world.
Users who now log into Genesis will see a message stating that the website has been taken over by the US Federal Bureau of Investigation.
During a series of raids, the UK’s National Crime Agency (NCA) arrested 24 suspected users of the site, and globally, 200 searches were carried out and 120 arrests were made.
The Genesis marketplace had 80 million sets of credentials and digital fingerprints for sale, which the NSA described as a “massive fraud enabler”.
“Criminals have long stolen the credentials of innocent members of the public,” said Robert Jones, general director of the NCA’s National Economic Crime Center.
Genesis Market sold login details, IP addresses and other data that constituted the “digital fingerprints” of the victims, according to the BBC.
The site after it was shut down by the FBI
Digital fingerprints…addresses and passwords
He states that Genesis Market operates on the open web, not just the dark web. Created in 2017, it has an easy-to-use interface in English. It was also a one-stop-shop for login credentials that enabled online fraud.
Users may also purchase login information, including passwords, and other parts of a victim’s “digital footprint”, such as browser history, cookies, auto-fill form data, IP address, and location. This allowed fraudsters to log into bank accounts, email, shop, forward deliveries, and even change passwords without arousing suspicion. The logins for the sale also included passwords for Facebook, PayPal, Netflix, Amazon, eBay, Uber and Airbnb accounts.
Genesis also provided its customers with a purpose-built browser that would use the stolen data to mimic a victim’s computer, making it appear as if they were logging into their account using their usual device in their usual location.