‘Operation Cookie Monster’ brings down black market crypto data marketplace

United States and international law enforcement agencies have shut down the Genesis Market, a hacker marketplace notorious for selling compromised credentials and digital browser fingerprints, some of which were used to steal cryptocurrencies.

According to a TechCrunch report, the operation, dubbed “Operation Cookie Monster,” involved the FBI and law enforcement agencies from the Poland, United Kingdom, Europe, Australia, Canada, Germany, and Sweden. Approximately 120 people were arrested, and 200 searches were carried out globally.

Since 2017, Genesis Market has been an invitation-only online platform that sold stolen credentials, cookies, and digital browser fingerprints collected from compromised systems.

These fingerprints, or “bots,” allowed attackers to impersonate victims’ browsers and access their online banking and subscription services, such as Amazon and Netflix, bypassing the need for victims’ passwords or two-factor tokens.

The FBI said that Genesis Market offered access to stolen data from more than 1.5 million compromised computers worldwide containing over 80 million account access credentials.

Although overall financial losses have not yet been determined, the FBI reports that Genesis has made at least $8.7 million from the sale of stolen credentials, with total losses likely exceeding tens of millions of dollars.

The closure of Genesis Market follows a series of similar crackdowns on hacker marketplaces by law enforcement agencies, including the recent shutdown of the BreachForums hacking forum and last year’s takedown of SSNDOB, a marketplace used for trading the personal information of millions of Americans.

In the aftermath of the Genesis Market seizure, experts anticipate that sellers and customers may migrate to competitor marketplaces or possibly form new versions of the site if a significant core of the Genesis Market administrators evade law enforcement.