An ‘Amazon for crime’ online marketplace selling millions of sets of stolen personal information for 56p each has been blown open by UK and international investigators.
A sting on the site – which was called Genesis Market – unfolded last night and saw raids on users across the globe.
It was led by the FBI and Dutch police forces and 17 other countries, including the UK’s National Crime Agency, who made 24 arrests in and around Grimsby.
Globally about 120 people were arrested and more than 200 searches carried out.
Genesis had 80 million sets of credentials available for sale and two million victims.
They included online banking, Facebook, Amazon, PayPal and Netflix account information, as well as digital fingerprints with data from mobile devices.
It could be exploited by criminals to bypass online security checks by pretending to be the victim.
Visitors to the Genesis marketplace today are greeted by this splash page after the takedown
Today visitors to the site – of which the NCA said had hundreds of users in the UK – were greeted with a page emblazoned with the FBI investigation name Operation Cookie Monster.
Tens of thousands of British victims are feared to have been targeted by the site.
It worked by a group of attackers creating a program which infected millions of users over the world to harvest their data.
Those who wanted to Genesis could only join by invite from an already established member. The referrals were offered for sale on some places on the net for around £25.
Will Lyne, head of cyber intelligence for the NCA, said: ‘Genesis Market is one of the top criminal access marketplaces anywhere in the world.
Operation was led by the FBI and Dutch police forces and 17 other countries, including the UK’s National Crime Agency, who made 24 arrests in and around Grimsby.
Police and the NCA arresting a UK suspect in connection with the criminal Genesis Market site
William Lyne, senior manager for cyber intelligence at the National Crime Agency, hailed raids
‘Genesis Market is an enormous enabler of fraud and a range of other criminal activity online by facilitating that initial access to victims, which is a critical part of the business model in a whole range of nefarious activity.’
The marketplace could be found using normal internet search engines, as well as on the dark web, and users were offered step-by-step guides on how to buy stolen details as well as how to use them for fraud.
Prices started from 70 cents US (56p) and went up to several hundreds of dollars, depending on the type of information available.
Software company Netacea had warned about the site two years ago and had even written a report about its dangers.
It said: ‘Although highly illegal, its operations are run in a professional and even user-friendly manner.
‘The Genesis marketplace includes terms and conditions, an FAQ, frequently updated utility software, and even a support desk with ticket system for customer queries.
‘This Aladdin’s cave of criminally obtained data is growing at an alarming rate.’
Rob Jones, director-general of the National Economic Crime Centre, said it was ‘very, very easy’ for anyone to access Genesis Market to commit crime.
‘This is the problem for us in the online world – you don’t need to know a criminal to start,’ he said.
‘So you can completely self-start and go looking for this and get everything you need to perpetrate a crime.
‘And so that is why this is so damaging. You don’t have to go and meet somebody, you don’t have to go into a shadowy forum; you can get into it, pay your money, and then you’ve got the tools to commit a crime.
‘And that’s why it is so damaging, and it is very, very easy.’
Businesses as well as individuals had their information sold on Genesis Market, which facilitated fraud; ransomware attacks – where hackers block access to data and demand payment to release it; sim-swapping, where mobile phone numbers are hijacked; and the theft of source code from companies.
NCA investigators have already set up spoof distributed denial-of-service sites, which bring down servers by flooding them with requests, to harvest the details of criminals, and may use similar tactics when it comes to fraud sites.
Mr Jones said: ‘Our approach to tackling the criminal marketplace is that cyber criminals won’t know who they’re interacting with and won’t know for certain that they are dealing with a criminal.
‘And that could be a site that a partner or the NCA has access to and we’re getting their credentials.’
He added: ‘If you’re a cyber criminal, you’re not going to know whether we’ve got your credentials and whether you’re going to get a knock on the door in the morning.’
Members of the public can click here to find out if their credentials featured on Genesis.
