The Genesis Market – a site that was used to trade illegally obtained account credentials. Operation Cookie Monster was carried out this week, as a result the site was shut down. The action was conducted by the FBI with the help of international services (including the CBZC [Polish Central Office for Combating Cybercrime]). A 119 people were arrested.
Using malware, hackers collected all kinds of data that allowed them to seize sessions and impersonate users. In this way, Genesis customers benefited from IMPaas- Impersonation-as-a-Service. The Genesis Market had a list of ‘bots’ along with information about their operating system, location and a list of services they were authenticated to. After purchasing the bot of choice, all that was needed was to run a special browser extension that reconstructed the required digital fingerprint and granted access to the victim’s account.
Information about the stolen data has been submitted to Have I Been Pwned (HIBP) and anyone can check if their e-mail address was among the stolen data. The Dutch police have also launched a website, where you can check if your e-mail address was among the compromised data.
According to HIBP, the compromised data include:
– dates of birth,
– e-mail addresses,
– names and surnames,
– phone numbers,
– addresses,
– account Names,
– passwords,
– user agent header details,
– full credit card details.
It is important to note that the data above has not been seized in all cases.
What to do if you are a victim of this data protection?
The following list of steps was prepared by HIBP in cooperation with the FBI:
- Log out of all open browser sessions on your computer.
2. Delete all browser cookies and temporary files.
3. Switch the computer to default settings or run a virus scan.
4. Change all passwords – this activity must be done at the end, after getting rid of the malware.
We encourage you to read the full article written by Troy Hunt from Have I Been Pwned.
