[ad_1]
This week, the FBI and a coalition of European police partners took aim at one of the biggest illicit marketplaces on the dark web: Genesis, known for selling stolen data to the highest bidder, has officially been dismantled. The crackdown is yet another big attempt by the government to disrupt the dark web’s cybercriminal ecosystem, which is known to aid and abet major cyberattacks on U.S. and Western targets.
In statements published to their website Wednesday, U.S. Justice Department officials outlined the recent operation. “Operation Cookie Monster” (like browser cookies, eh?) saw the FBI work together with an international consortium of law enforcement partners to go after the operators of Genesis—which cops say is responsible for having pilfered or sold data connected to over 1.5 million computers and as many as 80 million online accounts.
So far, everything we know about this operation makes it sound huge. Law enforcement officials in the 17 participating countries are said to have arrested as many as 100 people in connection with the market, and as many as 200 raids were carried out in connection to police investigations. Many of the arrestees are said to be people who used the forum to buy stolen data. A number of websites associated with the market have also been seized.
Attorney General Merrick B. Garland called the operation “unprecedented,” and revealed that a whopping 45 FBI field offices participated in the investigation to smash the criminal platform. “Our seizure of Genesis Market should serve as a warning to cybercriminals who operate or use these criminal marketplaces: the Justice Department and our international partners will shut down your illegal activities, find you, and bring you to justice,” Merrick warned.
G/O Media may get a commission
How Genesis Worked
Genesis, which is believed to be located in Russia, offered a number of services to paying web cretins but one of its most popular was the sale of what the site called “bots.” In this context, bots amount to an aggregate of stolen account information linked to one particular person. Sensitive data—like a person’s browser cookies, as well as passwords for social media, banking, and email accounts—were sold in packages to allow a criminal to surreptitiously invade and manipulate a person’s online life. Cybercriminals used the access provided by bots for a number of different reasons—and sometimes the access could be used to implement more ambitious hacking campaigns targeted at corporate networks, Krebs notes in his write-up.
Check if Your Passwords Were Stolen
A cool feature of this recent operation is that the FBI apparently turned over much of the data seized from the Genesis marketplace to Have I Been Pwned, the well-known search engine for compromised account credentials. Troy Hunt, who runs the website, said that the bureau “provided millions of impacted email addresses and passwords” to the site “so that victims of the incident can discover if they have been exposed.” That means that—should you be curious—you can do a quick search of the material to see if some dark web jerk was in the process of selling your precious passwords to the highest bidder.
The Dark Web’s Dark Days Continue
The demise of Genesis is only the latest in a string of high-profile police actions that have targeted some of the dark web’s hottest marketplaces. Many of these takedowns have been the work of the Biden Justice Department, which—over the past several years—has developed an increasingly aggressive posture when it comes to criminal activity on the internet. Deputy Attorney General Lisa O. Monaco was happy enough to point this out Wednesday: “The Department of Justice is shining a light on the internet’s darkest corners – in the last year alone, our agents, prosecutors, and partners have dismantled the darknet’s largest marketplaces,” said Monaco, following the Genesis takedown. “Each takedown is yet another blow to the cybercrime ecosystem.”
Last year, authorities notably disrupted the Hydra Market—what had been one of the largest offerings of dark web services. Around the same time, cops also went after “Besa Mafia,” a well-known assassin fraud website. In recent months, the FBI has also undertaken a number of sophisticated operations, including the infiltration and dismantlement of the prominent ransomware gang “Hive,” as well as the bust of a widely used darknet cryptocurrency mixer—ChipMixer—which is alleged to have helped wash some $3 billion in illegal transactions, including some of the loot stolen last year from the Axie Infinity crypto project by North Korea’s “Lazarus” group. The recent take down of the well-known criminal hub “BreachedForums”—long considered one of the most popular dark web marketplaces—was considered a major blow to the cybercrime ecosystem.
Of course, conventional wisdom would tend to conclude that this is only a temporary period of adversity for the dark web and that, given due time, new sites will emerge to take the place of the markets that have been taken down.
“Cybercriminals will always try to find or create an alternative to these platforms,” said Yuliya Novikova, with cybersecurity firm Kaspersky, in a statement shared with Gizmodo Wednesday.
Another security professional, Adrianus Warmenhoven, of NordVPN, agreed. “Unfortunately, when one of these sites is removed, it creates a vacuum that could be quickly filled by others,” said Warmenhoven. “One of Genesis’s main rivals was the 2easy marketplace. This mysteriously stopped operating at the start of this year but is rumored to be planning a return to the fold,” he added.
Yes, internet crime—like normal crime—is driven by demand, so as long as there is a desire for seedy digital offerings, websites will emerge to satisfy those desires.
[ad_2]