Police Shut Down Cybercrime Website Genesis Market Selling Two Million People’s Passwords :- A illegal website selling two million people’s internet identities for as little as 56 cents has been discovered by police. 80 million passwords and logins were traded on the widely accessible website Genesis Market, which crooks used to steal millions of pounds.
The victims’ logins to Facebook, Amazon, PayPal, Netflix, and their banks were stored in “bots” that fraudsters bought. These “bots” received real-time updates anytime the victims attempted to change their passwords.
With 120 arrests already made, the website was taken down on Tuesday night as a result of a large-scale sting operation with 17 national police agencies, including the FBI and the British National Crime Agency (NCA).
According to the NCA, there are “hundreds” of British criminals who used the website and “tens of thousands” of victims in the UK. Even better, the website imitated users’ browsers to get past security checks on social media and commerce portals.
By mapping friends, family, and personal situations, this “enabled the perpetrators to basically masquerade as the victim” and “socially engineer them for more offences,” according to the NCA.
‘Genesis Market is an enormous enabler of fraud’
Genesis Market is one of the most popular illicit access markets in the entire world, according to Will Lyne, head of cyber intelligence for the NCA.
“By allowing that first access to victims, which is a fundamental component of the business model in a whole spectrum of nefarious activities, Genesis Market is a tremendous enabler of fraud and a range of other illegal conduct online.”
24 website users were detained in the UK on Tuesday and Wednesday in the course of 31 dawn raids under the Computer Misuse Act and for fraud-related offences, including two men, 34 and 36, in Grimsby, Lincolnshire.
Almost 200 searches, close to 100 preventative actions, and about 120 arrests were made in total worldwide.
The FBI logo and the phrase “this website has been seized” are now displayed on the website as part of the investigation’s “operation cookie monster” investigation. The site’s ringleaders are being sought after in an ongoing investigation.
‘Very, very easy’ for anyone to access
Depending on the quantity and type of data stolen, the cost per “bot” might be as low as $0.70 (56p) or as high as several hundred dollars.
Anybody can utilize Genesis Market to commit a crime, according to Rob Jones, director-general of the National Economic Crime Centre.
You don’t need to know a criminal to start, which is the issue for us in the online world, he said.
“This is very harmful because you can totally self-start and go hunting for it and have everything you need to commit a crime.”
Millions of pounds stolen
When asked how much money might have been taken, Mr Jones added: “If you do the calculations with 80 million credentials and two million victims worldwide, there are millions of pounds available to the crooks who are involved in this.”
The website engaged in actions such as sim-swapping, which involves the theft of mobile phone numbers, ransomware attacks, which prevent access to data and demand payment to unlock it, and source code theft from businesses.
In order to gather information on criminals, NCA officers have already set up bogus distributed denial-of-service websites, which crash servers by overloading them with requests. Targeting scam websites could involve similar strategies.
Using the “check your hack” feature on the Dutch police website, members of the public can determine whether their information was sold on Genesis Market.
It follows the Met police’s destruction of iSpoof, an international internet fraud shop that sold equipment that let thieves carry out phone scams on hundreds of thousands of unwitting victims, though it had fewer victims and was more difficult to reach via the dark web.