Gibraltar Chronicle Logo

International police operation shuts down cybercrime marketplace

An international police operation has shut down an online marketplace in which people’s personal and banking details were being bought and sold.

‘Operation Cookie Monster’, led by the FBI and the Dutch National Police but involving law enforcement agencies from 17 countries, has resulted in over 120 arrests, 24 of them in the UK.

The online marketplace, known as Genesis Market, was handling over two million identities when it was taken down.

Most of these were from Netflix and PayPal accounts.

When criminals purchased a ‘bot’, it would give them a person’s log-in details, passwords and details from their autofill forms.

The more expensive ‘bots’ would also contain information about a person’s online bank accounts.

Criminals would pay around 56p for a simple ‘bot’ and up to several hundred pounds for one containing much more information.

Will Lyne, the head of cyberintelligence at the UK’s National Crime Agency said: “Genesis Market is one of the top criminal access marketplaces anywhere in the world.”

“Genesis Market is an enormous enabler of fraud and a range of other criminal activity online, by facilitating that initial access to victims.”

“(Using this), you can completely self-start and go looking for this and get everything you need to perpetrate a crime.”

“You don’t have to go and meet somebody, you don’t have to go into a shadowy forum, you can get into it, pay your money and then you’ve got the tools to commit a crime.”

“That’s why it is so damaging and it is very, very easy.”

    How to Check if Your Digital Identity Has Been Stolen

The Dutch Police has developed a portal to check whether your information has been compromised.

Visit https://www.politie.nl/checkyourhack and fill in your email address to see if it is part of a Genesis Market leak.

If your digital identity has been stolen, here are the steps you should take:

- Run your antivirus programme. In most cases, your antivirus will catch the malware and remove it. Only then should you change all your passwords – not before if you do not want the cybercriminals getting their hands on them.

- Notify relevant stakeholders. Your bank, insurance company and any other important third party should be made aware of your identify theft.

- Remember that cybercriminals are quick at adapting their techniques to benefit from any opportunity.

There are simple preventive actions you can take to make it more difficult for them to access your devices and data:

- If available, use antivirus software on all your electronic devices.

- Keep your software updated, including your browser, antivirus and operating system.

- Browse and download only official versions of software and always from trusted websites.

- Be wary while browsing the internet and do not click on suspicious links, popups or dialog boxes.

- Think twice before clicking on links or attachments within unexpected emails.

- Set up unique passwords. Generate strong passwords or passphrases for each individual website and service. This is where the use of a password manager comes in handy.

- Activate multifactor authentication functionality whenever possible for all of your accounts.

Most Read

Local News

Govt recruits two tax professionals

Download The App On The iOS Store