The world of cybercrime often revolves around specialized hubs for illicit trade, and for a period, one of the most notorious in the "carding" scene was BidenCash CC. This darknet marketplace specialized in the sale of stolen payment card data and personal information, creating significant risk for consumers and financial institutions globally.

What Was BidenCash?

Launched around March 2022, BidenCash quickly established itself as a major player in the market for stolen financial data. It was an example of an "autoshop," a type of dark web marketplace that automates the transaction process for digital products like credit card numbers, which cybercriminals refer to as "CVVs" (Card Verification Values) or "fullz" (card details bundled with personal information). The marketplace operated on both the dark web and the regular "clear web."

The marketplace’s branding, which appropriated the name and image of a U.S. political figure, was a sensationalist tactic, following a trend set by a predecessor known as "Trump's Dumps."

Scale of Operations

Before its eventual closure, BidenCash demonstrated the massive scale of the cybercrime economy. According to statements from the U.S. Department of Justice, the marketplace:

• Customers: Supported over 117,000 customers.

   

   

• Data Trafficked: Facilitated the trafficking of more than 15 million payment card numbers and associated personally identifiable information (PII).

   

   

• Revenue: Generated over $17 million in illicit revenue during its operation.

   

   

To promote its services and attract new customers, Bidencashcc frequently published large datasets of stolen cards for free. For example, between late 2022 and early 2023, the marketplace reportedly published 3.3 million individual stolen credit cards for free, which included card numbers, expiration dates, CVV numbers, cardholder names, addresses, and email addresses.

The Law Enforcement Takedown

In a major victory for international law enforcement against cybercrime, the BidenCash marketplace was seized.

In a coordinated operation, the U.S. government, with assistance from the Dutch National High Tech Crime Unit and others, announced the seizure of approximately 145 darknet and traditional internet domains associated with BidenCash. The operation also resulted in the seizure of cryptocurrency funds used by the marketplace to receive its illegal proceeds. The marketplace domains were redirected to a law enforcement-controlled server, effectively halting its criminal activities.

The closure of BidenCash serves as a strong reminder that major cybercrime operations, despite the perceived anonymity of the dark web, are increasingly vulnerable to coordinated international law enforcement efforts. For consumers and businesses, the exposure of data through such marketplaces highlights the critical need for constant vigilance and robust cybersecurity measures, including monitoring for data breaches and immediately reporting any suspicious financial activity.