Skip to content

FBI’s Cookie Monster op takes the cookies from Genesis Market

  • by
  • 2 min read

One of the biggest online criminal platforms, Genesis Market was seized by the FBI in an operation dubbed Cookie Master on Tuesday. A large number of arrests are also being carried out globally. The organisation maintained sites on both the dark and regular web which have now been replaced with a splash image revealing the takedown. 

The platform functioned as an online marketplace for cybercriminals selling anything from stolen credentials to bots, malware and other malicious tools. What made Genesis stand out was that it offered access to browser sessions that allowed threat actors to impersonate victims’ web browsers. This information included IP addresses, session cookies, OS information and extensions among other things.

Genesis made its profit by renting out account identities through bots that included stolen accounts paired with browser session data to make the online activity appear legitimate. This meant that Genesis could offer access to a lot of popular online services including Amazon, Cloudflare, eBay, Facebook, Gmail, Linkedin, Netflix, Paypal, Reddit, Spotify, Twitter, WordPress and Zoom. 

The Genesis site shows the FBI takedown notice.

The low barrier of access was also part of Genesis’s success. While the site itself was invite-only, it was discoverable through regular web searches and invite codes were widely available, in some cases even being offered on Youtube videos. It also featured a wiki, which explained how the site works.

Unlike its competitors, Genesis also didn’t list any third-party vendors and with The Record reporting approximately 135 million individual bot listings since 2018, Genesis was behind millions of fraud and identity impersonation attacks globally. 

Additionally, based on the number of active listings before the takedown weighed against a sample size consisting of 1.3 million platform references over the last month, Genesis STore has likely had anywhere between 30 to 50 million active listings over its lifespan. However, since the store doesn’t show historical records, the real number might be even higher. 

In the News: US Fed agency used a shell company to buy NSO spyware


Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: [email protected]