Carding Marketplace BidenCash Shut Down by Authorities 

Approximately 145 dark web and clear web domains associated with the BidenCash marketplace have been seized, the US Department of Justice announced.

Operating since March 2022, BidenCash allowed cybercriminals to sell and buy stolen credit cards and personally identifiable information, with the marketplace’s administrators charging a fee for each transaction.

In less than a year after it became operational, BidenCash became one of the top carding marketplaces.

Between October 2022 and February 2023, 3.3 million stolen credit cards were published on BidenCash for free, as means to promote its services.

“The stolen data included credit card numbers, expiration dates, Card Verification Value (CVV) numbers, account holder names, addresses, email addresses, and phone numbers,” the DoJ says.

Even after the card details have expired, threat actors may use the leaked personal information for phishing, identity theft, and various types of scams, security researchers have warned.

According to the DoJ, BidenCash had over 117,000 customers, with more than 15 million payment card numbers and associated personal information traded on it. The marketplace generated more than $17 million in revenue throughout its operation.

In addition to seizing the marketplace’s darknet and traditional internet domains, authorities obtained court orders to seize cryptocurrency funds the marketplace generated from the illegal sales.

Following the takedown, visitors to BidenCash marketplace domains will be redirected to a domain controlled by US law enforcement, usssdomainseizure.com, and will see a seizure banner.

The investigation into BidenCash was led by the United States Secret Service and the FBI, with assistance from the Dutch National High Tech Crime Unit, The Shadowserver Foundation, and Searchlight Cyber.