U.S. Authorities Crack Down on BidenCash: A Major Seizure in the Dark Web
On June 5, 2025, the U.S. Department of Justice (DoJ) made significant headlines with its announcement of a major crackdown on the illicit cryptocurrency marketplace known as BidenCash. This operation resulted in the seizure of numerous cryptocurrency assets and around 145 domains linked to the dark web carding site.
Overview of BidenCash
Launched in March 2022, BidenCash filled the vacuum that was created after the shutdown of Joker’s Stash and other similar platforms like UniCC. The site quickly became a hub for the illegal buying and selling of stolen credit card information and personal data. The DoJ explained that BidenCash operators charged users a fee for transactions, making it a profitable venture for those behind the scenes.
Scale and Impact
Since its inception, BidenCash has reportedly catered to over 117,000 customers, facilitating the trafficking of more than 15 million stolen payment card numbers and personal information. By all accounts, this illicit operation generated an astonishing revenue of at least $17 million.
A significant tactic employed by BidenCash to attract users involved the promotion of stolen credit cards. Between October 2022 and February 2023, the platform distributed 3.3 million compromised credit card details for free, encouraging criminals to utilize its services. The leaked information typically included credit card numbers, expiration dates, CVV codes, and personal identifiers such as names and addresses.
Geographic Breakdown of Compromised Data
In February 2023, approximately 2.1 million compromised credit cards were made public, with around half belonging to U.S. individuals or businesses, as reported by Flashpoint. This staggering statistic highlights the extensive reach of BidenCash and its impact on American financial security.
Additional Criminal Activities
BidenCash wasn’t limited solely to credit card fraud; it also specialized in the sale of compromised login credentials, enabling other criminal entities to infiltrate networks without authorization. This provided a lucrative avenue for various malicious activities, such as data theft and unauthorized access.
In a troubling development reported by CloudSEK in May 2023, BidenCash began offering advertisement services for SSH (Secure Shell) access at the affordable rate of $2. They provided tailored packages that allowed prospective buyers to evaluate target servers for vulnerabilities, including computing power and security weaknesses.
Risks of Compromised SSH Services
The potential risks associated with this illicit offering are significant. Cybersecurity experts noted that such access could empower threat actors to execute various malicious activities, including data exfiltration, ransomware attacks, and even unauthorized cryptocurrency mining.
Law Enforcement Collaboration
While specific details about the value of the confiscated cryptocurrency and the identities of the BidenCash operators remain undisclosed, this operation was part of a larger international law enforcement effort. Collaboratively led by the U.S. Secret Service and the FBI, the investigation involved partnerships with the Dutch Police, the Shadowserver Foundation, and Searchlight Cyber.
The recent crackdown on BidenCash coincides with a broader initiative that included the seizure of four additional domains linked to counter-antivirus services. These services were designed to help cybercriminals ensure their malware remains undetected by conventional security measures.
Recent Arrests in the Cybercrime Sphere
This recent operation also follows the arrest of a 35-year-old Ukrainian individual accused of breaching over 5,000 customer accounts at a hosting company to mine cryptocurrency illicitly. This suspect faces up to 15 years in prison, having caused approximately $4.5 million in damages through unauthorized use of servers.
Using open-source intelligence, this individual targeted vulnerable organizations, deploying virtual machines for cryptojacking activities. The breadth and duration of this operation underscore the ongoing risks posed by cybercriminals who exploit weaknesses in infrastructure.
As law enforcement agencies worldwide ramp up their efforts against cybercrime, initiatives like those targeting BidenCash demonstrate a concerted attempt to combat financial fraud and protect individuals’ private information in an increasingly digital economy.
