FBI agent using laptop on white table

Dzelat/Shutterstock (Licensed)

Global sting takes down cybercrime platform that hosted over 80 million stolen credentials

Over 100 were arrested as well.


Mikael Thalen


The popular cybercrime website known as Genesis Market was seized on Tuesday by a coalition of law enforcement agencies from across the globe.

The investigation and subsequent takedown, dubbed Operation Cookie Monster, was spearheaded by the FBI and the Dutch National Police and included aid from more than a dozen other countries.

Genesis Market allowed its members to advertise and sell data including credentials, such as usernames and passwords for email and social media accounts, that were pilfered off of computers infected with malware.

The cybercrime bazaar worked by offering its members a custom-built browser that allowed them to impersonate victims through the use of stolen data, including session cookies, in order to bypass certain security measures and login into services such as online banking.

A seizure notice informing Genesis Market’s users of the site’s takedown became visible on the platform on Tuesday. The notice also urges anyone with information on the site’s administrators to reach out to the FBI.

Following the seizure, the FBI revealed Operation Cookie Monster allowed it to obtain copies of the cybercrime site’s back-end servers, which contained information on “approximately 59,000 individual user accounts.”

The information helped law enforcement agencies make roughly 120 arrests as of Wednesday as well as 208 property searches and 97 “knock and talk measures” designed to encourage users, often under the age of 18, not to further their involvement in cybercrime.

The UK’s National Crime Agency (NCA), which says Genesis Market hosted over “80 million credentials and digital fingerprints stolen from over two million people,” posted footage to Twitter on Wednesday of one such arrest linked to the site’s takedown.


The FBI has since provided millions of stolen usernames and passwords from the site to the online service HaveIBeenPwned, which lets users check whether or not their data has been compromised. The Dutch police have similarly provided a tool where its citizens can check if their data was present on Genesis Market.

In a statement on the seizure, FBI Director Christopher Wray vowed to continue tackling cybercrime.

“Today’s takedown of Genesis Market is a demonstration of the FBI’s commitment to disrupting and dismantling key services used by criminals to facilitate cybercrime,” said Wray. “The work in this case is a great example of the FBI’s ability to leverage our technical capabilities and work shoulder-to-shoulder with our international partners to take away the tools cyber criminals rely on to victimize people all across the world.”

We crawl the web so you don’t have to.
Sign up for the Daily Dot newsletter to get the best and worst of the internet in your inbox every day.
Sign up now for free
The Daily Dot