Twenty-four people have been arrested in the UK after an international operation took down one of the world’s biggest online criminal marketplaces.
Genesis Market hosted 80 million account credentials and digital footprints stolen from devices of more than two million people, and users could buy “bots” containing the information.
The most expensive of them would contain financial information, such as access to online banking accounts.
Hundreds of people in the UK were among those who used it to target individuals and businesses.
The arrests came in raids by the National Crime Agency (NCA), regional cyber crime units, and police on Tuesday.
They coincided with the marketplace being taken offline.
Seventeen countries were involved in the investigation, led by America‘s FBI and authorities in the Netherlands.
It led to more than 200 searches and around 120 people taken into custody around the world.
The NCA said its work was not done, however, with more arrests expected and other users to be contacted and warned about their potentially criminal activity.
Genesis Market’s unique capabilities
Genesis Market provided its users with a custom web browser mimicking that of their victim.
It meant they could make it look as though they were accessing their accounts from usual locations and devices, therefore not triggering the “suspicious activity” notifications you get from services like banking apps.
Criminals may also have used the information they obtained about a victim, such as names of family and friends, to manipulate them into handing over money.
Read more:
YouTube warns of new email scam
Ofcom ‘concerned’ about UK cloud market
‘A huge blow to criminals’
The NCA’s director general of the NECC and threat leadership Rob Jones said taking the marketplace offline would be “a huge blow to criminals across the globe”.
“Behind every cyber criminal or fraudster is the technical infrastructure that provides them with the tools to execute their attacks and the means to benefit financially from their offending,” he said.
“Genesis Market was a prime example of such a service – and it was one of the most significant platforms on the criminal market.
“Targeting this infrastructure is at the core of the NCA’s efforts to disrupt the highest harm offenders and protect the public from those seeking to infiltrate their lives, stealing their identities and their money.”
How to know if you’ve been affected
You can check if your data has been stolen and shared on Genesis Market by visiting politie.nl/checkyourhack and inputting your email address.
If you find you have been affected, you should contact Action Fraud.