In brief
- U.S. authorities seized 145 domains and crypto linked to BidenCash, a marketplace that sold over 15 million stolen credit cards and generated $17 million in revenue.
- BidenCash promoted itself by leaking millions of card records for free, using data dumps to attract cybercriminals.
- The takedown follows global efforts like Operation RapTor, which recently led to 270 arrests and $200 million in crypto and cash seizures across 10 countries.
The U.S. government has seized 145 domains and undisclosed amounts of crypto tied to BidenCash, a dark web marketplace accused of selling millions of stolen credit cards and personal data.
BidenCash began operations in March 2022, offering a centralized space for buying and selling stolen credit card details, login credentials, and server access.
Prosecutors said the marketplace served over 117,000 customers and generated more than $17 million in revenue during its two-year run by facilitating more than 15 million card transactions, per a statement released by the U.S. Attorney’s Office for the Eastern District of Virginia on Wednesday.
The domains seized in the operation will no longer be accessible and have been redirected to law enforcement-controlled servers, preventing further illicit activity.
The U.S. government has secured legal authorization to seize crypto funds tied to the marketplace, according to the statement.
During its operation, BidenCash administrators reportedly charged transaction fees while enabling users to buy stolen financial and personal information, including access credentials to compromised servers.
To promote its services and expand its reach, BidenCash periodically released massive datasets free of charge.
Between October 2022 and February 2023, the platform published 3.3 million stolen credit card records, including card numbers, CVVs, account holder names, email addresses, and physical addresses.
These giveaways were part of a strategy to attract users and build trust among cybercriminals, especially following disruptions such as distributed denial-of-service attacks, according to a report by cybersecurity firm SOCRadar.
DDoS attacks are coordinated efforts to flood a website or server with traffic, forcing it offline or disrupting access.
The takedown adds to a growing list of dark web enforcement actions targeting crypto-enabled criminal networks.
Just last month, Operation RapTor resulted in the arrests of 270 individuals across 10 countries, the seizure of $200 million in assets, including hundreds of millions in crypto, and the dismantling of multiple dark web drug trafficking platforms.
Edited by Sebastian Sinclair
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
