Operation Cookie Monster Takes Down Genesis Cyber Crime Market

Liz Morton
Liz Morton


Comments

Massive international law enforcement action shuts down notorious cyber crime marketplace that sold stolen personal data and credentials for Facebook, Amazon, eBay, PayPal, Twitter and more.

‘Fraudsters paradise’ online criminal marketplace is shutdown in sting
An ‘Amazon for crime’ online marketplace selling millions of sets of stolen personal information for 56p each has been blown open by UK and international investigators.

International sting on the 'world's biggest fraudsters paradise' stealing YOUR passwords: Criminal 'online market' where hackers flog bank, eBay, Amazon and Facebook log-ins for as little as 50p is shut down.

An 'Amazon for crime' online marketplace selling millions of sets of stolen personal information for 56p each has been blown open by UK and international investigators.

A sting on the site – which was called Genesis Market – unfolded last night and saw raids on users across the globe.

It was led by the FBI and Dutch police forces and 17 other countries, including the UK's National Crime Agency (NCA), which made 24 arrests in and around Grimsby.

Around the world, about 120 people were arrested and more than 200 searches were carried out. Genesis had 80million sets of credentials available for sale and two million victims.

They included online banking, Facebook, Amazon, PayPal and Netflix account information, as well as digital fingerprints with mobile device data. It could be exploited by criminals to bypass online security by pretending to be the victim.

Today visitors to the site, which the NCA said had hundreds of UK users, were greeted with a page showing the FBI investigation name Operation Cookie Monster.

I suspect this type of hacking may be a major factor in some of the fraud on eBay that takes over legitimate accounts and uses them to post scam listings for vehicles, luxury watches, high value trading cards and more.

Why Doesn’t eBay Do More To Stop Car Scams?
It seems like eBay car scams have been around forever, why doesn’t eBay do more to curb this particular kind of fraud?

It's interesting the Daily Mail mentions 24 arrests were made in and around Grimsby - an eBay business in that area made headlines in 2021 when their account was hijacked and used for this type of fraud, with eBay refusing to help as the business owner faced a £14,000+ and had to lay off staff as a result.

Grimsby businessman facing ruin after eBay account ‘hacked’
Phil Green has had to lay off staff and more could suffer after £14,000 hacking scam on his Nunsthorpe business

A Grimsby businessman is facing ruin and having to make staff redundant because of what he claims is an eBay hacking scam.

Phil Green's Bags-n-Aprons business has successfully traded through eBay and other online platforms for over a decade. He provides a service making and distributing tabards, garments, bags, aprons and ladies undies.

But the Nunsthorpe businessman was shocked to discover listed on his eBay account were Rolex watches, speedboats, bicycles and rare Pokemon cards.

Ebay immediately froze his account which meant he lost trade. But he says the firm also took money directly from his account totalling £14,000 to pay off people who had not received delivery of the items they had ordered and paid for...

..."Between 2pm and 8pm on November 4 our site was hacked by we believe an USA based hacker. We reported the hacking to eBay first thing on Friday November 5 and since then they have done almost nothing to help us.


Have I Been Pwned creator Troy Hunt has provided an excellent recap of this epic cyber crime takedown as well as a searchable database so you can see if your compromised data was available on Genesis Market.

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and “Operation Cookie Monster”
A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they’ve named “Operation Cookie Monster”. They’ve provided millions of impacted email addresses and p…

Here's what Have I Been Pwned suggests if you find yourself in this collection of data:

Prepared in conjunction with the FBI, following is the recommended guidance for those that find themselves in this collection of data:

To safeguard yourself against fraud in the future, it is important that you immediately remove the malware from your computer and then change all your passwords. Do this as follows:

  • Log out of all open sessions in all web browsers on your computer.
  • Remove all cookies and temporary internet files.
  • Then choose one of the following two options:
  • Update the virus scanner on your computer.
  • Then carry out a virus scan on your computer.
  • The malware will be removed.
  • Then (and only then) change all your passwords. Don’t do this any earlier, as otherwise the cybercriminals will see the new passwords.

OR

  • Reset the infected computer to the factory default settings:
  • Then (and only then) change all your passwords. Don’t do this any earlier, as otherwise the cybercriminals will see the new passwords.

How can I prevent my data being stolen (again)?

  • Use a virus scanner and keep it up to date.
  • Use strong passwords that are unique for each account/website.
  • Use multifactor authentication. If you use a fingerprint, facial recognition, or approval on another device (such as a phone) to confirm your identity on login, it is harder for someone to access your accounts.
  • Never download or install illegal software. This is a very common source of malware infection.
  • When installing legal software, always check that the website is genuine.

Hats off to the law enforcement personnel across the globe involved in investigating and bringing these criminals to justice!

FraudNewsLegal

Liz Morton Twitter Facebook
LinkedIn

Liz Morton is a 17 year ecommerce pro turned indie investigative journalist providing ad-free deep dives on eBay, Amazon, Etsy & more, championing sellers & advocating for corporate accountability.


Recent Comments
Avatar PlaceholderMksowaYesterday
They need to fix a very broken system full of nasty attitudes. The patrons no longer matter.
Avatar PlaceholderMarty_JYesterday
Was just checking to see if it would post without creating an account but….
eBay seller since 2022
Just started selling about a year and half ago

800 items sold 99.7 feedback

Recently I went away for family things for 30 days set my acct to be away … got back with items not received cases opened

I wasn’t able to revise existing listings post new listings OR refund the buyer from my eBay funds …

The items were caught up in recent wild fires but ended up being delivered late. I had to beg the buyer to let me pay them off of eBay to close the case because it was on hold and I wasn’t able to refund them from my eBay acct etc…. So luckily they obliged and I did … but ever since then my acct must be strikes as high risk because funds have been on hold 3 days after delivery since then indefinitely might I add… I get the run around everytime etc etc FINALLY I got someone saying it’s temporary it’ll be back to normal etc. these r all reps from escalated departments… one lady told me that with my history and feedback I’ve proved beyond doubt that I’m reliable seller and shouldn’t be on hold she put in for a appeal never heard back got the run around for another few months… they keep telling me I’ve been chosen for the new update they r rolling out total BS … do you believe that sellers will stay on eBay with these holds ? No they will simply go to another platform … they r 100% making money on the holds and use any reasoning to tell you basically no and keep profiting…. The get around is creating a new acct… these cases were closed without eBay having to step in and might I add I lost $$ and its been truly frustrating esp since I’ve built the acct up but I know I can do it again.. when they tell me its going to happen to all accts I just mention how my brother just opened one n now has immediate payments they don’t know what to say I don’t think they really even know.,, its sad n scummy but I see a class action lawsuit coming honestly ! I don’t know💬 if I forgot anything but well written thanks for the information. Have a great one!
Avatar PlaceholderJkvinyl32 days ago
As many have already quoted - us sellers now can not charge for packaging. I will be £500 a year out of pocket.