The FBI seized the Genesis Market, a black marketplace for stolen credentials that was launched in 2017. Genesis Market was an invite-only marketplace, but it was not complex to find invite codes online.
One of the most interesting features offered by the platform is the access to “browser fingerprints” that allow crooks to impersonate victims’ web browsers, including IP addresses, operating system data, time zones, device info, session cookies, and more.
The price for a stolen account was very cheap, paying a few dollars crooks were able to use it for a specific period. Genesis Market provided access to accounts of the most popular services, including Amazon, eBay, Facebook, Gmail, Netflix, PayPal, Spotify, and Zoom.
The seizure is part of a law enforcement operation codenamed Operation Cookie Monster.
The home page of the Genesis Market domains now shows a banner informing visitors that the FBI has executed a seizure warrant.
“These seizures were possible because of international law enforcement and private sector coordination involving the partners listed below” reads the banner.
The authorities are searching for information about the administrators of the platform, a circumstance that suggests that the FBI has yet to identify them.
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:
Please nominate Security Affairs as your favorite blog.
Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Genesis Market)