In an unprecedented FBI-led takedown, police in four Australian states acted simultaneously with 17 other agencies around the world to dismantle the site Genesis Market which held stolen information from 36,000 devices in Australia.

Police launched 24 raids across NSW, Victoria, Queensland and Western Australia and arrested ten people for allegedly buying packages of stolen account details including usernames and passwords for email, bank accounts, and government services and social media – from malware-infected computers.

In NSW, Police Detective Acting Superintendent Jason Smith said they conducted six raids across South-west Sydney, Newcastle and Wollongong computers, storage data, cash, drugs, fake identity documents, and credit cards and equipment used to make fake documents.

Det Superintendent Smith said four men had been charged with 15 offences, including supply drug dealing in proceeds of crime and equipment to manufacture false identity documents.

“The applications the subject of this operation are pure and simple instruments of crime,” Det Supintendent Smith said.

“They have no legitimate purpose other than to cause mass disruption and financial harm.

“If you have purchased or downloaded one of these application you can expect a knock on the door soon.”

Det Superintendent Smith said police will now conduct a thorough digital analysis of everything seized looking for further offences and it is expected there may be more arrests.

“We need to go kilobyte by kilobyte through all of those devices and computers and see what people were actually doing … and we will gather a lot more information about further offences.

“That is a fairly painstaking process, potentially months of work and we are staring that today.

“The people that purchased the applications range from wannabe hackers to people who are technologically savvy and can cause a lot of damage and harm.

Det Supintendent Smith said the first phase of the operation involved people who allegedly purchased varying amounts of the information they enable you to get into a whole variety of services banking services.

The US Justice Department revealed the co-ordinated international operation against Genesis Market on Wednesday.

After being established in 2018, the invitation-only Genesis Market had been selling access to data stolen from more than 1.5 million compromised computers containing more than 80 million account access credentials. The information gathered by malware infecting computer and sweeping up information including browser histories.

Online banking, Facebook, Amazon, PayPal and Netflix account information was offered for sale as so-called digital fingerprints which enabled criminals to bypass online security checks by pretending to be the victim.

FBI legal attaché based in Australia, Nitiana Mann, said the FBI knows who the suspects are and the US Department of Justice is still investigating.

“We do know who the administrators are. One of the admins is believed to be in Asia and another in Russia.”

AFP Assistant Commissioner Cyber Command Scott Lee said the Genesis Market had the potential to cause $46 million in harm to the Australian community through the sale of stolen Australian data.

If anyone thinks they have been compromised the Dutch Police have developed a portal to help determine if your personal details have been compromised. Visit www.politie.nl/checkyourhack to determine if your details were available on Genesis Market.

More Coverage

Aussie crims’ secret ‘dirty cash dropzones’ revealed

Natalie O’Brien

5159kg of drugs: Why there’s less cocaine in Sydney

Natalie O’Brien

Originally published as Ten Australian arrests in FBI-led operation targeting sale of stolen data