Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
World
Tristan Kirk

Police sting smashes fraud marketplace selling personal information for 56p on dark web

A criminal online marketplace selling millions of sets of stolen personal information for as little as 56p per entry has been taken down in an international crackdown.

The sting, led by the FBI and Dutch police and involving law enforcement agencies across 18 countries including the UK’s National Crime Agency (NCA), took Genesis Market offline on Tuesday night.

Users trying to access the site were greeted with a page emblazoned with the FBI investigation name Operation Cookie Monster.

The marketplace, one of the most significant of its kind in the world, had 80 million sets of credentials available for sale, affecting two million victims.Details including online banking, Facebook, Amazon, PayPal and Netflix account information were up for sale alongside so-called digital fingerprints containing data from the victims’ devices. This enabled criminals to bypass online security checks by pretending to be the victim.

Investigators from the NCA carried out a series of raids yesterday targeting around 20 users of the site, with dozens of arrests abroad.

They estimate there are hundreds of users of the site in the UK, and that tens of thousands of British victims have been targeted.

(PA)

Will Lyne, head of cyber intelligence for the NCA, said: “Genesis Market is one of the top criminal access marketplaces anywhere in the world.

“It is an enormous enabler of fraud and a range of other criminal activity online by facilitating that initial access to victims, which is a critical part of the business model in a whole range of nefarious activity.”

The site could be found using normal internet search engines, as well as on the dark web, and users were offered step-by-step guides on how to buy stolen details as well as how to use them for fraud. Prices started from 70 US cents (56p) and went up to several hundred dollars, depending on the type of information available.

Rob Jones, director-general of the National Economic Crime Centre, said it was “very, very easy” for anyone to access Genesis Market to commit crime. He added: “This is the problem for us in the online world — you don’t need to know a criminal to start.So you can

completely self-start and go looking for this and get everything you need to perpetrate a crime.

“That is why this is so damaging. You don’t have to go and meet somebody, you don’t have to go into a shadowy forum; you can get into it, pay your money, and then you’ve got the tools to commit a crime.... it is very, very easy.”

Businesses as well as individuals had their information sold on Genesis

Market, which facilitated fraud, ransomware attacks — where hackers block access to data and demand payment to release it — sim-swapping, where mobile phone numbers are hijacked, and theft of source codes from firms.

NCA investigators have already set up spoof distributed denial-of-service sites, which bring down servers by flooding them with requests, to harvest the details of criminals, and may use similar tactics for fraud sites.

Members of the public can check whether their details were listed on Genesis Market using the Dutch police site www.politie.nl/checkyourhack. Further security advice is available from the NCA at www.bit.ly/GenesisMarket.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.