Authorities shut down Genesis Market, exposing the dark side of a digital platform selling identities

5/5 - (107 votes)

On April 4th, the largest black market for stolen digital identities, Genesis Market, fell as a result of the three-year-long “Cookie Monster” operation. The investigation involved the FBI, Dutch police, Europol, and 17 countries, resulting in 208 searches worldwide and 119 arrests.

A very effective and accessible tool

Genesis Market offered digital identities for sale at prices ranging from less than a dollar to a few hundred, depending on the quantity and type of information. Some identities included access to victims’ social networks and streaming platforms, while others allowed customers to make fraudulent online purchases or even empty victims’ bank accounts. At the time of its dismantling, the US Department of Justice and Europol’s European Cybercrime Center estimated that Genesis Market compromised 1.5 million computers, 2 million identities, and 80 million access credentials.

The platform generated $4 million in revenue in just two years of operation, according to John Fokker, head of threat intelligence at Trellix Research Center. What made Genesis Market unique was its focus on a specific method of bypassing two-factor authentication, which is becoming increasingly common.

Genesis Market monetized digital traces of identifications, device fingerprints, and browser cookies. When a user connects to a network and passes multi-factor authentication, the system stores certain data locally on their device. Genesis Market gained access to this data, allowing them to usurp an identity on a user’s favorite sites. The platform’s creators went to great lengths to attract new customers, offering access on both the Dark Web and classic Web, a neat interface, and even their own browser, Genesium.

The market was mainly used for fraudulent purposes, but it could also have been used for more elaborate cybercriminal projects, such as ransomware attacks targeting corporate credentials. The platform was named as one of the most prolific access brokers in the world of cybercrime, with credentials for sale including those related to the financial industry, critical infrastructure, and federal, state, and local government agencies.

The disappearance of Genesis: a blow in the water or a real blow to cybercrime?

The head of EC3, Edvardas Šileris, praised the international collaboration that led to the success of the “Cookie Monster” operation, which seriously disrupted the cybercriminal ecosystem by removing one of its main catalysts. However, as with similar cases, a successor to Genesis Market may already be in preparation. Despite this, John Fokker believes that the operation is a great victory because it breaks the trust of the ecosystem and discourages other hackers from using similar services.

The operation sends a warning to cybercriminals that they will be found and brought to justice, as stated by US Attorney General Merrick B. Garland. For potential victims, the Dutch police have set up a tool to check for possible compromises using their email address. has also updated its data with information from Genesis Market.

Lucille B Reedy

Lucille B Reedy is Senior Writer at Easy Tech Tutorials, where she covers the world of technology, hacking, cybersecurity, surveillance and privacy.

Leave a Comment