WASHINGTON–The federal government has seized 145 domains tied to “BidenCash,” a notorious dark web market that trafficked in more than 15 million stolen credit cards, offered special promotions and buyer protections and more, according to authorities.
In addition to the 145 dark and clear web domains, the United States Attorney’s Office for the Eastern District of Columbia said it confiscated cryptocurrency funds linked to BidenCash’s illicit transactions, though no value was disclosed.
$17M in Illicit Revenue
The marketplace launched in March 2022 and racked up more than $17 million in illicit revenue during its operations, according to the US Department of Justice.
The government said BidenCash administrators trafficked more than 15 million payment card numbers and personal data, including giving away ata for free to drum up business.
Between October 2022 and February 2023, BidenCash posted 3.3 million stolen credit card records for free as part of its promotional campaigns, according to the DoJ.
The Records Available
The records included card numbers, expiration dates, verification codes, names, home and email addresses, and phone numbers.
While BidenCash primarily trafficked in stolen credit card data, authorities said it also offered compromised login credentials that could grant remote access to servers, potentially enabling wider cyberattacks, including SSH credentials sold in bulk.
The platform amassed more than 117,000 customers during its two-year run, the DoJ said, and its domains now redirect to U.S. seizure splash pages, similar to those used in ransomware takedowns.
‘Confident’ Scammers
“The team behind the platform was so confident in their wares that they reportedly offered a buyer protection program that punished vendors on the site for selling spent or otherwise unusable details,” the Register reported. “The program was also set up to maintain the exclusivity of the data for BidenCash.”
