Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



120 Arrested as Cybercrime Website Genesis Market Seized by FBI

The FBI has seized Genesis Market, a major cybercrime website offering stolen device fingerprints.

Genesis seized

The Genesis Market cybercrime website appears to have been taken down as part of an international law enforcement operation.

The domains associated with Genesis Market currently display an image informing visitors that the website has been seized by the FBI based on a warrant issued by a Wisconsin court.

The new Genesis Market homepage reveals that the domains were seized as part of an operation named ‘Cookie Monster’, with over a dozen European and North American law enforcement agencies being credited for their role in the takedown. 

Authorities in the US and Europe have yet to issue a statement on the seizure of Genesis Market. 

Security blogger Brian Krebs reported that the law enforcement operation also involved dozens of arrests in the United States and other countries.

However, the message posted by the FBI on seized domains — which instructs those who have been in contact with Genesis administrators to contact the agency — suggests that the site’s operators have yet to be identified or captured. 

The Genesis marketplace has been around since late 2018, offering cybercriminals access to hundreds of thousands of so-called ‘bots’ that could be used to carry out malicious activities and bypass anti-fraud systems. 

Advertisement. Scroll to continue reading.

These bots, which are actually browser fingerprints obtained by information-stealing malware, provide cybercriminals the credentials needed to access various services and systems while making it seem like the access request is coming from the legitimate user’s machine, thus avoiding triggering any alarms. 

“Genesis marketplace was an invite-only cybercrime institution that held data on account holders from almost all major websites,” said Mark Lamb, CEO of “The operators offered customers a pre-made package on victims, enabling them to access accounts and execute attacks quickly, with all the information they needed to commit fraud. Unfortunately, very few victims were aware they had been compromised until money was stolen or goods were purchased, as there was nothing malicious for threat detection tools to alert on.”

“This is another coup for the FBI that follows a long string of recent takedowns. It will be interesting to see if the operators of Genesis are caught, because given the scale of the operation they were running, the FBI will not let them off lightly,” Lamb added.

The Genesis Market takedown was announced roughly two months after law enforcement announced shutting down the Hive ransomware operation

UPDATE: Europol, the UK’s National Crime Agency (NCA) and others have started releasing information on Operation Cookie Monster. Law enforcement agencies said 120 individuals were arrested and over 200 searches have been caried out across several countries. Dutch police have released an online tool that tells users whether their data was sold on Genesis Market.

Related: Authorities Seize Online Marketplace for Stolen Credentials

Related: US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites

Related: VPNLab Goes Down After Servers Seized in Law Enforcement Operation

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...