US sanctions cybercrime forum in latest takedown

FILE – The Department of the Treasury’s seal outside the Treasury Department building in Washington on May 4, 2021. The Treasury Department on Friday, Feb. 10, 2023, announced sanctions on five current and former Bulgarian officials, as well as five entities accused of illicit personal gain, undermining the country’s democratic institutions and perpetuating “corrosive dependence on Russian energy sources.” (AP Photo/Patrick Semansky, File)

The Treasury Department on Wednesday announced sanctions against a Russia-based darknet marketplace in a coordinated plan to crack down on illegal cyber activity.

The group, Genesis Market, is one of the world’s largest illicit marketplaces known for stealing and selling credentials and other sensitive information, including usernames and passwords. 

The Treasury Department said it partnered up with the Department of Justice and international partners from a dozen of countries to take down Genesis Market.

“The United States, along with our international partners, will not allow illicit marketplaces to operate with impunity,” said Brian Nelson, Treasury under secretary for Terrorism and Financial Intelligence, in a statement.

“Treasury will continue to work closely with our law enforcement colleagues to disrupt this activity and hold malign cyber actors accountable,” he added.

The Treasury Department said Genesis Market steals sensitive data by gaining unauthorized access to computer systems. Once the group has the stolen data it packages it and sells it to cybercriminals for “further exploitation.”

The department added that there were about 460,000 packages listed for sale as of Feb. 1. It also said that cybercriminals have used Genesis Market to target U.S. government organizations.  

According to news reports, the FBI also seized the web domains of Genesis Market, calling the takedown of the group as “Operation Cookie Monster.”

Last year, the Treasury Department sanctioned Hydra Market, another prominent Russia-based cybercrime forum, for engaging in several illegal activities including ransomware, hacking, identity theft, counterfeit currency and illicit drugs. 

The agency said it identified about $8 million in ransomware proceeds that went through Hydra’s virtual currency accounts.

“The global threat of cybercrime and ransomware that originates in Russia, and the ability of criminal leaders to operate there with impunity, is deeply concerning to the United States,” said Secretary of Treasury Janet Yellen at the time.

Tags cybercrime FBI Janet Yellen Treasury Department

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.