Last week U.S. law enforcement agencies seized Genesis Market, a massive hacker marketplace used to acquire compromised credentials and digital browser footprints, reported by Techcrunch.
This takedown, dubbed “Operation Cookie Monster,” has yet to be announced by the FBI, but Genesis domains now display a notice stating that the U.S. law enforcement officials have executed a seizure warrant.
“Genesis Market’s domains have been seized by the FBI pursuant to a seizure warrant issued by the United States District Court for the Eastern District of Wisconsin,” the message on the domain reads.
The Genesis Market offered access to logins for a variety of websites, including streaming services like Netflix, Disney+, Hulu, and more. The site sold compromised logins to a long list of services not just streaming services.
Back in June 2021, gaming giant Electronic Arts suffered a breach by individuals who claimed to gain access to the EA network by purchasing a bot from Genesis Market that allowed them to log into the company’s Slack account.
Cyril Noel-Tagoe, principal researcher at cybersecurity company Netacea said: “In 2021, over 20,000 new bots a month were being added to [Genesis Market]. The market was temporarily down in the middle of 2022, however despite this, by March 2023, the number of bots available for sale had grown to over 450,000.”
U.S. law enforcement has been cracking down on marketplaces like Genesis Market but in the end its the responsibility of users to protect their accounts. Be careful about reusing passwords. Don’t open files from unknown senders and as always practice common sense when surfing online to make sure you are on the right website and not one that is pretending to be your bank or Netflix for example.