Home Technology Operation Cookie Monster: US Authorities Take Down Russia-Linked Cybercrime Marketplace Genesis Market

Operation Cookie Monster: US Authorities Take Down Russia-Linked Cybercrime Marketplace Genesis Market

by George Mensah
genesis market

The US government, in partnership with an international consortium of law enforcement authorities, has taken down the Genesis Market, a notorious Russia-linked marketplace that sold tens of millions of hacked accounts to bad actors worldwide. This was part of a larger effort, dubbed Operation Cookie Monster, which is the largest operation of its kind.

Genesis Market was one of the two largest venues for the purchase and sale of hacked accounts, with a sophisticated, globe-spanning infrastructure that compromised over one million devices. The other, BreachForums, was taken down in March.

The FBI and the Justice Department led the operation, and the Treasury Department’s Office of Foreign Assets Control also announced sanctions against Genesis Market.

The takedown of Genesis Market is a significant step in the fight against cybercrime, and it demonstrates the FBI’s commitment to dismantling key services used by criminals to facilitate cybercrime. The illicit behavior resulted in losses estimated in the tens of millions, according to officials.

Genesis Market capitalized on malware-infected computer systems to compile stolen private data, such as mobile device identifiers, email addresses, usernames, and passwords, to sell to cybercriminals. The marketplace also sold unauthorized access to computer systems.

The operators of the service and its users were targeted in the globe-spanning operations, resulting in approximately 460,000 packages of stolen private information listed for sale on the marketplace as of Feb. 1, according to the Treasury.

The Treasury believes Genesis to be located in Russia, as records show that its domain names were linked to nameservers in Russia and China, two nations that have been named as loci for state-sponsored hacking.

The Justice Department has taken action against other alleged Russian criminal activities earlier this year. Bitzlato, a crypto exchange, was described as a haven for criminal activity with overt links to a Russian dark web marketplace. Senior Justice Department and FBI officials described Operation Cookie Monster as a continuation of that work.


The seizure of Genesis Market sends a warning to cybercriminals who operate or use these criminal marketplaces. The US government and international partners will shut down illegal activities, find, and bring malign cyber actors to justice. The US and its international partners will not allow illicit marketplaces to operate with impunity. Treasury will continue to work closely with law enforcement colleagues to disrupt this activity and hold malign cyber actors accountable.

You may also like

Leave a Comment