Operation Cookie Monster: police shut huge cybercrime site
A global police operation has shut down one of the world's largest online marketplaces where cybercriminals can buy stolen identities and passwords, international law enforcement said on Wednesday.
Genesis Market sold the identities of over two million people for as little as $0.70, allowing hackers to target bank accounts and carry out online fraud, officials in several countries said.
Police arrested 119 people in the huge crackdown, dubbed "Operation Cookie Monster", which was led by the US Federal Bureau of Investigation (FBI) and Dutch police and involved 17 countries.
The website was based in Russia, according to the US Treasury, which said it had imposed sanctions against Genesis Market.
Europol said the "unprecedented law enforcement operation" had taken down "one of the most dangerous marketplaces selling stolen account credentials to hackers worldwide."
"Genesis Market listed for sale the identities of over two million people when it was shut down," the EU's policing agency said.
Action against criminals took place in countries including Australia, Britain, Canada, the United States and more than 10 countries in Europe.
Britain's National Crime Agency said 24 people were arrested in Britain. Another 17 people were arrested in the Netherlands.
- 'Most dangerous' -
People trying to access Genesis Market on Wednesday saw a screen saying, "This website has been seized" and "Operation Cookie Monster", along with a picture of a person in an FBI hoodie in front of a computer.
A cookie is a piece of computer data that makes it easier to reopen web pages.
Europol said the site offered "bots" for sale that had infected victims' devices through malware or other methods.
"Upon purchase of such a bot, criminals would get access to all the data harvested by it such as fingerprints, cookies, saved logins and autofill form data," it said.
The information was collected in real time so buyers would be notified of any change of passwords.
Prices for bots ranged from as little as $0.70 to several hundred dollars in the case of valuable bank account information, Europol said.
Unlike so-called "dark web" services, Genesis was available on the open web "although obscured from law enforcement behind an invitation-only veil", the agency said.
"Its accessibility and cheap prices greatly lowered the barrier of entry for buyers, making it a popular resource among hackers."
- 'Invitation only' -
Dutch police said Genesis not only sold account information, but also copies of people's online "fingerprints", or unique digital information, allowing hackers to take over the victim's life, he said.
"The Genesis criminal trading market... was one of the most dangerous," added Ruben van Well, Dutch police cyber team leader based in Rotterdam.
"For example, it was possible to order and pay for things in web shops in the name of victims or, in certain cases, even to plunder entire bank, crypto or investment accounts," Van Well said.
He gave the example of a 71-year-old man who lost almost 70,000 euros from his investment account, with items ordered from web shops in his name.
"The victim told us he felt like treading water in a massive swimming pool with no idea how to get out," Van Well said.
The site had a worldwide reach, said the EU's judicial agency, Eurojust, which is also based in The Hague.
"Genesis Market customers were located all over the world and actively purchasing stolen packages of victim data until this takedown," it said.
The US Treasury Department in a statement said Genesis is believed to be located in Russia.
"This action was coordinated with the U.S. Department of Justice (DOJ) and international partners from a dozen countries," it said.
A.Kenny--MP