Genesis Market’s Clearnet domain seized; Dark Web site still online

The FBI and European authorities have seized Genesis Market’s clearnet domains as part of the ongoing Operation Cookie Monster.

Genesis is one of the largest marketplaces on the dark web, and its presence on the clearnet is also quite significant. In the latest development, clearnet domains belonging to the Genesis marketplace have been seized by the FBI under the ongoing Operation Cookie Monster.

When accessed, the marketplace’s domain displays a banner stating that the website is inaccessible because the FBI has executed a seizure warrant. 

The marketplace administrator(s) have not been identified or caught yet, and it is evident that authorities have seized only the clearnet domains while the main dark web domain remains online, which suggests that they have not been able to take down the entire Genesis infrastructure.

Regardless, it is still too early to make any assumptions or predictions about what might happen next.

How Did the Seizure Happen?

According to the FBI, the seizure was carried out in collaboration with multiple organizations from the private and public sectors and international law enforcement agencies.

The seizure notice displayed on the domain also had a message for the site visitors, which read:

“Been active on Genesis Market? In contact with Genesis Market administrators? Email us, we’re interested,” followed by an official email address.

The bureau noted that around two dozen partners were on board for this operation. The seizure was followed by a worldwide search and arrest operation. A federal court in the Eastern District of Wisconsin issued the seizure warrant.

It is currently unclear who was operating this marketplace as they have maintained a low profile over the years, indicating they have sufficient operational security know-how.

Why Is the Genesis Market Seizure a Big Blow?

Genesis Market was established in late 2017 and played a vital role in filling the gap, especially after the seizure of the Hansa and AlphaBay marketplaces by the Dutch police.

By 2020, Genesis had become the world’s most popular marketplace for buying stolen credentials, cookies, and device fingerprints. Considered the largest platform in the world for illicit activities, Genesis Market offered stolen credentials for corporate and consumer accounts.

This market provided access to an extensive range of services with accounts from Gmail, Netflix, Facebook, PayPal, WordPress, Amazon, Zoom, eBay, Cloudflare, Reddit, Spotify, Twitter, and LinkedIn. Therefore, it is understandable that seizing such a thriving platform will be a huge blow to its users.

The seizure of the Genesis marketplace should not come as a surprise. This development came just a month after the FBI arrested PomPomPurin (aka Pompompurin, aka Pom), the owner and admin of Breach Forums, a popular hacker and cybercrime forum that surfaced as an alternative to the popular and now-seized Raidforums.

How did Genesis Market operate?

The market operators used information stealers to collect login credentials along with fingerprint data, such as time zones, IP addresses, cookies, device information, etc.

The operators profited by renting out account identities via bots, including stolen accounts, along with browser plug-ins that imported the login and fingerprint data of the compromised account to let attackers assume the real owner’s digital identity. Depending on the account type, buyers paid up to $10 to get access to an account for a specific period.
