Key Takeaways
- US law enforcement seized 145 domains tied to BidenCash darknet marketplace.
- Authorities confiscated around $43,000 in USDT linked to illegal payments.
- At least seven BidenCash-related domains remain active despite the takedown.
U.S. authorities have taken down 145 domains connected to BidenCash, a darknet marketplace accused of trafficking stolen credit card data and personal information, according to a June 4 statement.
Operation details
The operation was led by the Department of Justice in coordination with the FBI, Secret Service, and Dutch High Tech Crime Unit.
Each of the seized domains now redirects to a law enforcement page displaying agency logos and a message on the site’s shutdown.
Seizure of crypto wallets
In addition to the domain takedown, the government also seized crypto wallets used for illicit transactions.
Although officials did not disclose exact figures, on-chain data reviewed by Arkham Intelligence shows approximately $43,000 worth of USDT, a stablecoin issued by Tether, was seized.
Notoriety and revenue of BidenCash
BidenCash gained notoriety for openly selling over 15 million stolen credit card records and personal data.
Authorities estimate it generated at least $17 million in revenue and served more than 117,000 users at its peak.
Promotional data dumps
To attract more users, the marketplace gave away stolen data for free.
Between October 2022 and February 2023, BidenCash released 3.3 million stolen cards in a promotional dump.
The data included full credit card details, CVV numbers, names, addresses, emails, and phone numbers.
Ongoing challenges
Despite the enforcement action, security researcher Vmprotect flagged at least seven active BidenCash-linked domains still online as of June 5, using tools like domainhunter.pro.
This underlines the persistent challenges authorities face in fully dismantling darknet infrastructure.
