A Real Cookie Monster

Computer security concept

One of the world’s biggest criminal marketplaces, Genesis Market, used by online fraudsters to buy passwords has been closed in a global law enforcement crackdown.  Genesis Market sold login details, IP addresses and other data that made up victims’ “digital fingerprints.” Since its inception in March 2018, Genesis Market has offered access to data stolen from over 1.5 million compromised computers around the world containing over 80 million “fingerprints.” But thanks to the leadership of the FBIT, on the morning of March 27, 2023, anyone who logged on to the the Genesis website saw a message which read: “Operation Cookie Monster. This website has been seized.”

Genesis Market operated on the open web, not just the dark web. It was a one-stop shop for login data that enabled online fraud. This “digital fingerprint” that was up for sale allowed fraudsters to log in to bank, email and shopping accounts, re-direct deliveries and even change passwords without raising suspicion. Criminals buying the information were even notified by Genesis if the passwords changed. Genesis provided its customers with a purpose-built browser which would use the stolen data to mimic the victim’s computer, so that access did not trigger any security alerts. While Genesis users were mostly accessing it for fraud, the data on sale could also be used for ransomware attacks – where hackers block access to data and demand payment to release it.

Cybercrime is a global thief. Genesis Market users were located all over the world. 200 searches were carried out and 120 people were arrested. Therefore, law enforcement agencies all over the world were part of the coordinated raids and they all deserve a shout out.

Today’s Fraud Of The Day is based on article “’Operation Cookie Monster’: FBI seizes popular cybercrime forum used for large-scale identity theft” published by KOAM News on April 4, 2023

The FBI and European law enforcement agencies have arrested more than 100 people as part of a global crackdown on a cybercrime forum that facilitated large-scale identity theft, officials said Wednesday.

The operation targeted Genesis Market, an invitation-only crime forum that for the last five years, according to the US Justice Department, has offered data stolen from more than 1.5 million computers around the world containing login details for more than 80 million user accounts.

Previous articleHe Said, She Said
Next articleTax Write Offs

Larry Benson, Senior Director of Strategic Alliances, LexisNexis Risk Solutions - Government

Larry Benson is responsible for developing strategic partnerships and solutions for the government vertical. His expertise focuses on how government programs are defrauded by criminal groups, and the approaches necessary to prevent them from succeeding.

Mr. Benson has 30 years of experience in sales and business development. Before joining LexisNexis® Risk Solutions, he spent 12 years founding and managing two software technology startups. During the 1990s he spent 10 years as a Regional Director helping to grow a New England-based technology company from 300 employees to 7,000. He started his career with Martin Marietta Aerospace working on laser guided weapons and day/night vision systems.

A sought-after speaker and accomplished writer, Mr. Benson is the principal author of “Fraud of the Day,” a website dedicated to educating government officials about how criminals are defrauding government programs. He has co-authored WTF? Where’s the Fraud? How to Unmask and Stop Identity Fraud’s Drain on Our Government, and Data Personified, How Fraud is Changing the Meaning of Identity.

Benson holds a Bachelor of Science in Physics from Albright College, and earned two graduate degrees – a Master of Business Administration from Florida Institute of Technology, and a Master of Science in Engineering from Lehigh University.