BidenCash, a dark web carding market responsible for trafficking over 15 million payment card numbers and other sensitive information, has suffered a major blow from authorities. Approximately 145 domains linked to the platform have been seized.
US authorities seized 145 darknet and traditional internet domains, as well as cryptocurrency funds associated with the BidenCash marketplace, according to an announcement by the US Attorney’s Office for the Eastern District of Virginia.
Since March 2022, BidenCash has operated as an integral part of the cybercrime economy, simplifying the process of buying and selling stolen credit cards and associated personal information. The marketplace also sold compromised credentials that could be used to access computers without proper authorization.
The marketplace supported over 117,000 customers, facilitated the sale of over 15 million payment card numbers, including other personally identifiable information, and generated over $17 million in revenues for criminals.
Today, the FBI, along with partners at @TheJusticeDept and @SecretService, announced the seizure of cryptocurrency and ~145 domains associated with the BidenCash criminal marketplace, which generated millions in revenue by trafficking in stolen data https://t.co/CjXTxIrWkg pic.twitter.com/IBA8erItMl
undefined FBI (@FBI) June 4, 2025
The criminal marketplace appropriated the name and image of Joe Biden, the former president of the US.
“The BidenCash marketplace domains will no longer be operational and will be redirected to a US law enforcement-controlled server, preventing future criminal activity on these sites,” the press release reads.
Cybernews previously reported that in 2023, the BidenCash marketplace released two million stolen credit cards for free as a “birthday present.”
The authorities specified that between October 2022 and February 2023, the marketplace published 3.3 million individual stolen credit cards for free to promote the use of its services.
The stolen data included credit card numbers, expiration dates, Card Verification Value (CVV) numbers, account holder names, addresses, email addresses, and phone numbers.
The seizure is a result of an international collaboration between the US Secret Service, FBI, the Dutch National High Tech Crime Unit, The Shadowserver Foundation, and Searchlight Cyber for their assistance with the investigation.
This cooperation has recently led to a series of massive cybercrime infrastructure disruptions.
Last week, police took down AVCheck, a major malware testing platform. Days before that, the US Department of Justice announced the seizure of infrastructure used by the LummaC2 information-stealing malware service operators.
Two weeks ago, Operation Endgame crippled multiple malware strains including Bumblebee, Lactrodectus, Qakbot, Danabot, Trickbot, and Warmcookie.
Your email address will not be published. Required fields are markedmarked