With a huge blow to the world of cybercrime, law enforcement bodies from around the world led by U.S. and Dutch authorities have managed to shut down BidenCash, one of the largest carding markets on the dark web.
The takedown was announced yesterday and saw the seizure of roughly 145 domains on both the clear web and dark web, as well as related cryptocurrency funds.
Launched in March 2022, BidenCash quickly became a key marketplace for the sale of stolen credit card numbers, PII (personally identifiable information), and compromised credentials.
According to the U.S. Department of Justice, the site had “well over” 117,000 customers, and enabled the trafficking of more than 15 million stolen payment card numbers leading to approximately $17 million in illegal gains.
The marketplace was infamous for its aggressive techniques to market stolen cards, including occasionally offering large tranches of stolen numbers for free in order to attract new users.
The shutdown is a big hit for the carding scene, which relies on a quick turnover of stolen financial data. BidenCash filled a vacuum created by earlier large takedowns, such as those of Joker’s Stash, which signaled that it is an ongoing enterprise.
Despite this, the take down of this alleged criminal network is landmark, since it was a simultaneous action by the U.S. Secret Service, FBI, Netherlands National High Tech Crime Unit, and other partners in a reinforced global fight to disturb such activities.
The ultimate effect will presumably be a temporary interruption in the supply of dirty card data and a shakeout for the carding market, but only time will tell. As a rule, takedown efforts of this type are likely to result in the existing marketplaces either breaking up or the emergence of new ones.
Cybercrime groups are very adaptable, and new operations could feasibly seize on the void created by BidenCash. Still, taking down domains and netting cryptocurrency assets serves as a warning to those who would continue to run these illegal enterprises.
For its customers and for the financial industry, too, as it turns out, this takedown is itself a positive development — but one that should not be mistaken for a sign that they can forgo vigilance against financial fraud and identity theft.
Details about arrests made in the operation have not yet been released by the authorities, but the takedown of BidenCash marks an important stage in fighting back against financial crime online.
