Operation Cookie Monster Takes Down Genesis Cyber Crime Market

Liz Morton
Liz Morton


Comments

Massive international law enforcement action shuts down notorious cyber crime marketplace that sold stolen personal data and credentials for Facebook, Amazon, eBay, PayPal, Twitter and more.

‘Fraudsters paradise’ online criminal marketplace is shutdown in sting
An ‘Amazon for crime’ online marketplace selling millions of sets of stolen personal information for 56p each has been blown open by UK and international investigators.

International sting on the 'world's biggest fraudsters paradise' stealing YOUR passwords: Criminal 'online market' where hackers flog bank, eBay, Amazon and Facebook log-ins for as little as 50p is shut down.

An 'Amazon for crime' online marketplace selling millions of sets of stolen personal information for 56p each has been blown open by UK and international investigators.

A sting on the site – which was called Genesis Market – unfolded last night and saw raids on users across the globe.

It was led by the FBI and Dutch police forces and 17 other countries, including the UK's National Crime Agency (NCA), which made 24 arrests in and around Grimsby.

Around the world, about 120 people were arrested and more than 200 searches were carried out. Genesis had 80million sets of credentials available for sale and two million victims.

They included online banking, Facebook, Amazon, PayPal and Netflix account information, as well as digital fingerprints with mobile device data. It could be exploited by criminals to bypass online security by pretending to be the victim.

Today visitors to the site, which the NCA said had hundreds of UK users, were greeted with a page showing the FBI investigation name Operation Cookie Monster.

I suspect this type of hacking may be a major factor in some of the fraud on eBay that takes over legitimate accounts and uses them to post scam listings for vehicles, luxury watches, high value trading cards and more.

Why Doesn’t eBay Do More To Stop Car Scams?
It seems like eBay car scams have been around forever, why doesn’t eBay do more to curb this particular kind of fraud?

It's interesting the Daily Mail mentions 24 arrests were made in and around Grimsby - an eBay business in that area made headlines in 2021 when their account was hijacked and used for this type of fraud, with eBay refusing to help as the business owner faced a £14,000+ and had to lay off staff as a result.

Grimsby businessman facing ruin after eBay account ‘hacked’
Phil Green has had to lay off staff and more could suffer after £14,000 hacking scam on his Nunsthorpe business

A Grimsby businessman is facing ruin and having to make staff redundant because of what he claims is an eBay hacking scam.

Phil Green's Bags-n-Aprons business has successfully traded through eBay and other online platforms for over a decade. He provides a service making and distributing tabards, garments, bags, aprons and ladies undies.

But the Nunsthorpe businessman was shocked to discover listed on his eBay account were Rolex watches, speedboats, bicycles and rare Pokemon cards.

Ebay immediately froze his account which meant he lost trade. But he says the firm also took money directly from his account totalling £14,000 to pay off people who had not received delivery of the items they had ordered and paid for...

..."Between 2pm and 8pm on November 4 our site was hacked by we believe an USA based hacker. We reported the hacking to eBay first thing on Friday November 5 and since then they have done almost nothing to help us.


Have I Been Pwned creator Troy Hunt has provided an excellent recap of this epic cyber crime takedown as well as a searchable database so you can see if your compromised data was available on Genesis Market.

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and “Operation Cookie Monster”
A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they’ve named “Operation Cookie Monster”. They’ve provided millions of impacted email addresses and p…

Here's what Have I Been Pwned suggests if you find yourself in this collection of data:

Prepared in conjunction with the FBI, following is the recommended guidance for those that find themselves in this collection of data:

To safeguard yourself against fraud in the future, it is important that you immediately remove the malware from your computer and then change all your passwords. Do this as follows:

  • Log out of all open sessions in all web browsers on your computer.
  • Remove all cookies and temporary internet files.
  • Then choose one of the following two options:
  • Update the virus scanner on your computer.
  • Then carry out a virus scan on your computer.
  • The malware will be removed.
  • Then (and only then) change all your passwords. Don’t do this any earlier, as otherwise the cybercriminals will see the new passwords.

OR

  • Reset the infected computer to the factory default settings:
  • Then (and only then) change all your passwords. Don’t do this any earlier, as otherwise the cybercriminals will see the new passwords.

How can I prevent my data being stolen (again)?

  • Use a virus scanner and keep it up to date.
  • Use strong passwords that are unique for each account/website.
  • Use multifactor authentication. If you use a fingerprint, facial recognition, or approval on another device (such as a phone) to confirm your identity on login, it is harder for someone to access your accounts.
  • Never download or install illegal software. This is a very common source of malware infection.
  • When installing legal software, always check that the website is genuine.

Hats off to the law enforcement personnel across the globe involved in investigating and bringing these criminals to justice!

FraudNewsLegal

Liz Morton Twitter Facebook
LinkedIn

Liz Morton is a 17 year ecommerce pro turned indie investigative journalist providing ad-free deep dives on eBay, Amazon, Etsy & more, championing sellers & advocating for corporate accountability.


Recent Comments
Avatar PlaceholderJaeLynn23 hours ago
I've had this happen a few times, and it confused me. One seller alleged that they had to use Amazon's services to make sure I got my item in time. I recently bought something simple, and the seller made a mistake. They'd sent me 3 different messages, one of them too early, telling me they hoped my item arrived in perfect condition. The next day, the item was marked as shipped, and I got an official Ebay shipping email. The seller was using direct messages to give me item updates. If I wanted Amazon, I'd have used them myself! lol
Avatar PlaceholderlessthanthreerecordsYesterday
Happening to me too. On my active listings page (with the full list) it looks fine, but when I click on them, many have the random characters. I reported it, and that's when one glitch led to another! As I was typing the message after clicking the "?", letters were repeatedly not coming up (usually one or two at the end of a word). I was finally able to get the message entered, but how tedious!
Avatar Placeholderbritishsoeedw-0Yesterday
I'm having the same problem, Vat has ben added to my listings and sales have literally stopped.