A ‘marketplace’ used by online fraudsters and cyber criminals called Genesis Market has been shut down after a global law enforcement.
Genesis sold logins details, IP details and other sensitive info to extort cash from victims.
In the UN, the National Crime Agency (NCA) carried out its part in the worldwide oerpation.
Commenting on development, Brad Freeman, Director of Technology at SenseOn said: “Individuals and organisations can safeguard their credentials in two easy steps:
- Enable multi-factor authentication on all platforms.
- Generate unique, random passwords for each service with a built-in password manager on your phone or browser.
“Lacking multi-factor authentication and varied passwords leaves you highly vulnerable. Attackers can easily assemble a detailed profile about you across numerous websites, putting you at risk for fraud and significant personal data exposure.”
Dan Conrad, AD Security and Management Team Lead at One Identity said:
“This is a sizeable success for law enforcement entities targeting the often-shadowy processes of buying stolen credentials.
“The very existence of sites such as this serve as a warning about the insecurity of having password-only as an authentication system.
“They are often stolen and leveraged due to the endemic problem of password reuse.
“While it worth noting that It’s becoming more difficult to profit from such cybercrimes, which is a huge step.
“It makes me ask how many credentials they were selling that are protected with MFA, so they’re basically useless anyway. Maybe attackers will realise they’re buying MFA-protected credentials and move away from this simple attack.”
The NCA arrested 24 suspected users including men aged 34 and 36 in Grimsby, Lincolnshire,
They are being held on suspicion of fraud and computer offences.