International police operation: the “black market” of Genesis Market passwords has been deactivated

Listen to the audio version of the article

International police operation against the Genesis Market platform, one of the largest virtual black markets in the world, dedicated to the sale of stolen credentials: 16 countries involved and 37 searches only in Italy, where the Postal Police moved The operation was carried out by the FBI and the Dutch police, coordinated by Europol and Eurojust and directed, for the Italian territory, by the public prosecutor’s office of Rome.

Genesis Market, specialized in the sale of access credentials and stolen data, with a turnover of over 2 million stolen virtual identities, was deactivated, with seizures, carried out throughout Europe, of the servers on which the IT infrastructure rested. In Italy, thousands of credentials are involved, identified by the specialists of the National Anti-Crime Center for the protection of critical infrastructures of the Postal Police under the direction of the Rome prosecutor’s office and pertaining both to computer spaces in the private life of ordinary citizens (email, social networks , e-commerce accounts, etc.), and passwords capable of guaranteeing unlawful access to institutional computer spaces of the public administration, as well as spaces belonging to banks and large national companies, suppliers of essential public services.

37 searches in Italy

On Italian territory alone, 37 personal, local and computer search decrees were issued by the prosecutor, which the Cnaipic and the Cyber ​​Security Operations Centers of Campania Basilicata and Molise, Lazio, Lombardy, Puglia, Emilia Romagna, Calabria, Veneto, Western Sicily, Abruzzo, Friuli Venezia Giulia, Liguria, Tuscany, Trentino-Alto Adige and Umbria, performed against as many customers of the platform, who had purchased thousands of access credentials over time. Among the suspects there are both people already known to the police and those with a clean record. The searches led to the seizure of various IT devices, the analysis of which will now allow the investigators to understand exactly what use was made by the suspects of the illicit credentials purchased, and what type of confidential information – and to which level of secrecy – have been compromised.