US targets dark web marketplace, seizes crypto and 145 domains

US law enforcement has dismantled the BidenCash dark web marketplace and seized approximately 145 domains and associated cryptocurrency funds used to carry out the sale of stolen credit card information.

The operation, which was revealed by the US Attorney’s Office for the Eastern District of Virginia, targeted a platform that made it easier for over 117,000 clients worldwide to purchase and sell stolen payment card information and personal data.

BidenCash marketplace facilitated $17 million in stolen credit card transactions

The BidenCash marketplace operated as a comprehensive platform for cybercriminals seeking to monetize stolen financial data and generated over $17 million in revenue since launching operations in March 2022. The platform facilitated the trafficking of more than 15 million payment card numbers and associated personally identifiable information. It also established itself as a major hub for financial fraud activities.

BidenCash operators used a fee structure and charged commissions for every transaction conducted with the assistance of the site. The business model facilitated the operators to generate revenues from their illegal activity user base. They also provided an interface that was simple to use for the exchange of stolen financial data.

During October 2022 and February 2023, the platform employed a blatant marketing approach by making 3.3 million single stolen credit cards freely distributable. The freebies were intended to lure new users and establish credibility among cybercriminals, especially after service outages triggered by distributed denial-of-service attacks forced the platform offline sporadically.

The data exposed by BidenCash as per the US DOJ press release contained full financial information such as credit card numbers, expiration dates, Card Verification Value (CVV) values, the names of the account holders, addresses, email addresses, and phone numbers.

This detailed information package allowed purchasers to conduct various forms of financial fraud and identity theft. Beyond payment card information, the marketplace also sold compromised computer credentials that could be used to gain unauthorized access to systems.

International cooperation leads to major dark web enforcement success

The BidenCash takedown shows coordinated international law enforcement efforts targeting cryptocurrency-enabled criminal networks across multiple jurisdictions. The operation involved collaboration between US agencies including the Secret Service’s Frankfurt Resident Office, the Secret Service’s Cyber Investigative Section, and the FBI Albuquerque Field Office, along with international partners.

The Department of Justice acknowledged assistance from the Dutch National High Tech Crime Unit, The Shadowserver Foundation, and Searchlight Cyber and acknowledged the global nature of combating dark web marketplaces. This international cooperation proved essential in dismantling the platform’s infrastructure, which operated across multiple domains and jurisdictions.

Court authorization allowed US authorities to seize cryptocurrency funds that BidenCash used to receive illicit proceeds from illegal sales. The seized domains will be redirected to law enforcement-controlled servers. This prevents future criminal activity on these platforms and serving as a deterrent to similar operations.

This enforcement action builds on recent successes in targeting crypto-enabled criminal networks. Last month’s Operation RapTor resulted in arrests of 270 individuals across 10 countries, seizure of $200 million in assets including hundreds of millions in cryptocurrency. The government also dismantled multiple dark web drug trafficking platforms.

Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More