News

How Did The FBI Shut Genesis Market Down?

Genesis Market Shutdown By The FBI
Rate our article

The FBI and DOJ have just shut down one of the largest cybercrime hotspots, Genesis Market. Genesis Market was a Russian and Chinese-based darknet market that worked as a hub to purchase, trade, sell, and distribute stolen data. This story is still unfolding as the FBI continues to find admins, staff, and vendors from sites based all around the world. What happened to Genesis Market? Walk with us as we unfold this DOJ victory. 

Operation Cookie Monster: Removing Genesis Market

Genesis Market Darknet Hacking Market
Genesis Market Darknet Hacking Market

On April 5th, 2023, various government organisations worked together to seize Genesis Market. The FBI dubbed their attack on the notorious hacker marketplace “Operation Cookie Monster” which has proved to be a success. Currently, the website displays a seizure warrant. 

Genesis Market’s domains have been seized by the FBI pursuant to a seizure warrant issued by the United States District Court for the Eastern District of Wisconsin. These seizures were possible because of international law enforcement and private sector coordination involving the partners listed below.

To determine if you have been victimized, visit: haveibeenpwned.com or politie.nl/checkyourhack

Been active on Genesis Market? In contact with Genesis Market administrators? Email us, we’re interested: [email protected]

U.S. law enforcement officials seizure warrant.

However, their efforts proved more effective than simply removing the website servers. According to a press release, atleast 120 people were arrested, and 200 searches were carried out globally, with more to come. According to the U.K.’s National Crime Agency, atleast 19 regular users of Genesis Market were arrested for fraud and computer misuse.

The FBI and HSI haven’t released any information on the arrests made at this time. However, they have warned the public: 

This is the biggest operation of its kind. We’re not just going after administrators or taking sites down; we’re going after users on a global scale. 

An FBI official

Additionally, they explained that by gaining control over Genesis Markets and backend source codes, they could identify up to 59,000 marketplace users. 

The United States, along with our international partners, will not allow illicit marketplaces to operate with impunity The Treasury will continue to work closely with our law enforcement colleagues to disrupt this activity and hold malign cyber actors accountable.

Secretary of the Treasury for Terrorism and Financial Intelligence

Have I Been Pwned: Genesis Market

Have I Been Pwned Darknet Market Breach
Have I Been Pwned Darknet Market Breach

Millions of users who use the popular “haveibeenpwned.com” would have been notified if Genesis Market had information on them. This is a website that tracks data breaches and lets users check whether their personal data has been compromised.

The FBI handed over data to haveibeenpwned.com with “over 80 million account access credentials, email addresses and passwords” that had been compromised. Not to worry, the information is not publicly searchable, and users must prove they have control over the email address being searched before the results are shown.

Before its shutdown, Genesis claimed that their fingerprints were stored for “as long as it retained access to a compromised device.” This basically meant that Genesis users weren’t making a one-time purchase of stolen data but rather that they were paying a de facto subscription to the victim’s information, even when their information changed. A scary thought. 

During its time, Genesis Market made more than $8.7 million from sales, but the FBI still believes that “complete total losses likely exceed tens of millions of dollars.”

As a result of the Genesis Market’s seizure, we expect to see an exodus of sellers and customers to competitor marketplaces. There are multiple other illicit marketplaces selling logs and credentials, although not on the scale of the Genesis Market. Alternatively, if a significant core of the Genesis Market administrators evade law enforcement, they may splinter off and create a new version of the site.

FBI agent Noel-Tagoe

What was Genesis Market?

Genesis Market Selling Bots
Genesis Market Selling Bots

Genesis Market was a darknet market where hackers could purchase login credentials, website vulnerabilities, cookies, device fingerprints, and other sensitive data that can help them bypass security protocols. Genesis was an essential tool that various hacking organisations used after carrying out their attacks. Launched back in 2018, the website was available on both the clearnet and the darknet. They first made headlines after breaching Electronic Arts, a video game publisher. The breach resulted in the loss of sensitive data, including the source code for the FIFA 21 game. 

The website has been on the FBI’s “Red Alert” list, with forensic scientists saying, “Genesis will certainly play a major role in a future ransomware attack.” The website hosted over 100,000 accounts. In 2021, atleast 20,000 new bots were added to the website each month. By March 2023, the number of bots available for sale had grown to over 450,000.

Genesis Store specialised in selling fingerPrints, cookies, “Inject Script” info, form grabbers (Logs), saved logins, as well as other personal data obtained from different devices across the web.

They even developed their own software: Genesis Security – the proprietary plugin which can simplify your work with fingerPrints and Cookies of the bots (holders).

Conclusions: The FBI is On Full Force

This is the second data-based darknet marketplace that the FBI has cracked down on in the last month. Just a few weeks ago, the FBI managed to end the “BreachForums” darknet hacking forum, after arresting its head admin. 

It’s truly becoming more difficult to remain anonymous and run such operations as the CyberCrimes Unit, and various government entities have improved their thttps://livedarknet.com/markets/racking and increased their team sizes. Taking down darknet markets has proven to be quite lucrative for governments, and they are achieving goals at the same time. Who will be next? Perhaps we should open up a Deadpool of our own.