KEY POINTS:
- Australia and 17 other countries involved in the seizure of a popular dark web marketplace, known as Genesis Market.
- The UK's National Crime Agency estimated the service hosted about 80 million credentials.
- 'Operation Cookie Monster' was led by the FBI and Dutch National Police.
International law enforcement agencies have seized a sprawling dark web marketplace popular with cybercriminals, the United Kingdom's National Crime Agency (NCA) says, in a multinational crackdown dubbed "Operation Cookie Monster".
People trying to access Genesis Market on Wednesday saw a screen saying, "This website has been seized" and "Operation Cookie Monster", along with a picture of a person in an FBI hoodie in front of a computer.
A cookie is a piece of computer data that makes it easier to reopen web pages.
Logos of other European, Canadian, and Australian police organisations were also emblazoned across the site, along with that of cybersecurity firm Qintel.
"We assess that the Genesis is one of the most significant access marketplaces anywhere in the world," the NCA's Director General of Threat Leadership Rob Jones said.
Logos of other European, Canadian, and Australian police organisations were also emblazoned across Genesis Market's website, along with that of cybersecurity firm Qintel. Source: AAP, Press Association / Alamy
Police arrested 119 people in the huge crackdown, which was led by the US Federal Bureau of Investigation (FBI) and Dutch police and involved 17 countries.
The website was based in Russia, according to the United States Treasury, which said it had imposed sanctions against Genesis Market.
Europol said the "unprecedented law enforcement operation" had taken down "one of the most dangerous marketplaces selling stolen account credentials to hackers worldwide."
"Genesis Market listed for sale the identities of over two million people when it was shut down," the EU's policing agency said.
Action against criminals took place in countries including Australia, Britain, Canada, the United States, and more than 10 countries in Europe.
Britain's National Crime Agency said 24 people were arrested in Britain. Another 17 people were arrested in the Netherlands.
Qintel did not immediately return messages seeking comment and contact details for Genesis Market's administrators could not be immediately located.
The FBI seemed eager for information about them as well, saying in its seizure notice that anyone who had been in touch with them should "Email us, we're interested".
Genesis specialised in the sale of digital products, especially "browser fingerprints" harvested from computers infected with malicious software, said Louise Ferrett, an analyst at British cybersecurity firm Searchlight Cyber.
Because those fingerprints often include credentials, cookies, internet protocol addresses and other browser or operating system details, they can be used by criminals to bypass anti-fraud solutions such as multi-factor authentication or device fingerprinting, she said.
The site had been active since 2018.
The NCA said Genesis had operated by selling credentials from as little as one-dollar (AUD) to hundreds of dollars depending on the stolen data available.
"To get up and running on this you just have to know of the site, potentially be able to get yourself an invite which given the volume of users probably wouldn't be particularly difficult," NCA Head of Cyber Intelligence Will Lyne said.
"Once you become a user, it's really easy to then ... Perpetrate criminal activity."
The NCA said countries involved in the investigation also included Australia, Canada, Denmark, Estonia, Finland, France, Germany, Iceland, Italy, New Zealand, Poland, Romania, Spain, Sweden, and Switzerland.
