cybercrime

U.S. law enforcement has delivered a significant blow to cybercrime by shutting down the dark web marketplace BidenCash, seizing 145 associated domains and cryptocurrency funds linked to its illegal operations. Since launching in March 2022, BidenCash served over 117,000 users and facilitated the trade of stolen credit card data worth more than $17 million.

BidenCash: A Hub for Stolen Financial Data
The platform operated as a marketplace for cybercriminals to trade over 15 million credit card numbers along with personally identifiable information, including names, addresses, emails, and phone numbers. These data sets enabled buyers to commit identity theft and financial fraud. In addition to credit card details, BidenCash also sold compromised computer login credentials used for unauthorized system access.
The operators of BidenCash charged fees on each transaction and provided a user-friendly interface that made the illicit trade easy and efficient. In a bold marketing move, the platform distributed over 3 million stolen credit card numbers for free in October 2022 and February 2023, aiming to attract new users and gain credibility in criminal circles.

Coordinated U.S. and International Takedown
The operation, led by the U.S. Department of Justice and the U.S. Attorney's Office for the Eastern District of Virginia, was supported by the FBI, U.S. Secret Service, and several international partners. Key contributors included the Netherlands’ National High Tech Crime Unit, Shadowserver Foundation, and cybersecurity firm Searchlight Cyber.
As part of the operation, authorities seized 145 domain names now redirected to law enforcement-controlled servers. In addition, crypto assets linked to the platform’s illegal profits were frozen to prevent further criminal use and send a strong deterrent message to similar operators.

Part of a Broader Crackdown on Crypto-Enabled Crime
The dismantling of BidenCash follows May’s Operation RapTor, during which 270 individuals were arrested across 10 countries and assets worth over $200 million—including hundreds of millions in crypto—were seized. Authorities also shut down several drug trafficking platforms on the dark web.
This latest success underscores that while the crypto space offers a degree of anonymity, coordinated action between global law enforcement agencies continues to make real progress in the fight against cybercrime.

#cybercrime , #darkweb , #CryptoCrime , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Ukrainian police have arrested a 35-year-old man for illegally breaching 5,000 user accounts of an international hosting company and using them to mine cryptocurrencies. This sophisticated cryptojacking attack caused damages exceeding $4.5 million, and the suspect now faces up to 15 years in prison.

🔹 Mining Crypto on Hijacked Servers
According to Ukraine’s National Police, the attacker secretly deployed virtual machines and crypto-mining software within the infrastructure of compromised accounts. Once he gained unauthorized access, he activated miners that exploited company servers to generate digital assets. Officials classified it as a severe disruption of information and communication systems.
The suspect is charged under Part 5 of Article 361 of Ukraine’s Criminal Code, which allows for a maximum sentence of 15 years in prison, along with a three-year restriction on working in IT or accessing networked systems after release.

🔹 Hacking Since 2018 – and Constantly on the Move
Investigators discovered that the hacker had been active since at least 2018, probing vulnerabilities in various international firms. He frequently changed locations, reportedly residing in Poltava, Zaporizhzhia, and Dnipropetrovsk regions to evade law enforcement.
A house raid led to the seizure of computers, smartphones, bank cards, and other physical evidence. Authorities found mining scripts, hacking tools, and stolen login credentials to emails and wallets containing illegally mined crypto.

🔹 Europol Assisted in Previous Major Cryptojacking Arrest
Ukraine is not fighting this cyber threat alone. In January 2023, Ukrainian authorities—with support from Europol—arrested a 29-year-old man in Mykolaiv, accused of hijacking 1,500 accounts to create over 1 million virtual servers, enabling illegal crypto mining worth over $2 million.
The attacker had used a custom brute-force software to crack passwords and infect cloud infrastructure with malicious code. A cloud service provider cooperated with Europol, helping uncover the suspect's identity and location.
During the months-long investigation, police searched three properties, leading to the eventual arrest. Europol set up a dedicated command post to coordinate with Ukrainian National Police in real-time.
The agency warned cloud users to strengthen security practices—emphasizing regular updates, patching, strong credentials, and professional cloud security tools to defend against similar threats.

📌 One-Minute Recap:
🔹 Ukrainian hacker used 5,000 accounts for illicit crypto mining

🔹 Damage exceeded $4.5 million; suspect faces up to 15 years

🔹 Authorities seized logins, crypto wallets, and mining tools

🔹 Europol helped with a similar 2023 arrest in Mykolaiv

🔹 Cloud attacks are on the rise—security must be a top priority

#CyberSecurity , #cybercrime , #CryptoCrime , #bitcoin , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Incident in Phuket: Crypto Debt Leads to Violent Robbery
Thai police have launched an investigation into two Russian nationals accused of assaulting and robbing their compatriot over a cryptocurrency debt. The incident occurred at a hotel in Karon, Phuket.
According to the local newspaper Khaosod, a 31-year-old man was attacked over a $120,000 debt linked to previous cryptocurrency transactions in Russia. The attackers, who were known to the victim, forced him to attempt unlocking his crypto wallet. When he refused, violence ensued.
Assault and Suspects’ Escape
One of the suspects, identified as Andrei, allegedly threatened to kill the victim if the debt was not paid. The victim was repeatedly punched, kicked, and eventually lost consciousness after being struck on the head. The attackers then stole $20,000 in cash and fled, leaving the victim tied up in the bathroom.
Investigators revealed that one suspect remained in Thailand, while the other, Dmitri, fled to Dubai. Arrest warrants have been issued, and Thai authorities are collaborating with immigration and police agencies to apprehend the suspects.
Cryptocurrencies as Targets of Violent Crime
Rising Value of Cryptocurrencies Attracts Criminals
The Phuket incident is part of a growing trend where cryptocurrencies play a role in severe criminal activities. The year 2024 saw numerous violent incidents linked to digital assets, ranging from kidnappings to extortion.
In July, a 29-year-old tourist in Kyiv was kidnapped and murdered as criminals attempted to seize his 3 bitcoins. Authorities described the event as a calculated plan that ended with the victim's death after the forced transfer of cryptocurrency failed.
Case in Costa Rica: Armed Robbery of Bitcoins
A similar case occurred in August on a beach in Costa Rica, where 11 Israeli tourists were robbed of a significant amount of bitcoins. The attackers, disguised as police officers, used firearms during the assault, raising concerns about the involvement of organized crime groups with police training.
Cryptocurrencies: Valuable Targets That Attract Danger
As cryptocurrencies grow in popularity, incidents of violence and crime associated with these digital assets are on the rise. This trend underscores the need for enhanced security measures and better protection for investors on a global scale.

#CryptoCrime , #Bitcoin❗ , #CryptoSafety , #cybercrime , #CryptoScamAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Seized Notebooks Revealed Sophisticated Scams
Hong Kong police uncovered a sophisticated fraud scheme that used artificial intelligence to deceive victims. The investigation led to the seizure of over HK$34 million (approximately USD 3.37 million). Notebooks confiscated by law enforcement revealed the criminals' methods, including the use of deepfake technology to appear more convincing.
How the Fraudsters Lured Their Victims
The fraudsters pretended to be wealthy single women, crafting stories about interests such as learning Japanese, playing golf, or tasting luxury wines worth over HK$100,000 (USD 12,850) per bottle. These methods were documented in the notebooks seized during the operation.
The investigation resulted in the arrest of 31 individuals connected to a criminal syndicate. This group used artificial intelligence to create realistic images of attractive women, which were then used to lure victims into romantic and investment scams.
The Problem of Deepfake Scams
Byron Boston, a former police officer and CEO of Crypto Track, warned that the combination of deepfake technology and social engineering presents significant challenges for investigators and law enforcement. AI-generated images make criminals more convincing and enable them to execute more complex scams.
Boston highlighted an incident from November 2022, where a fake video impersonating FTX founder Sam Bankman-Fried was used in a phishing attack targeting FTX users. This incident demonstrates how deepfake technologies can be exploited to steal cryptocurrency assets from victims.
Scams Targeting Young People
Confiscated materials revealed that the fraudsters specifically targeted young people seeking quick earnings. Victims were often convinced they were communicating with ideal women from Taiwan, Singapore, and Malaysia.
Challenges in Combating These Crimes
Boston emphasized that effective collaboration and swift action are key to fighting these sophisticated scams. However, he noted that many local law enforcement agencies, particularly in the U.S., lack the necessary tools and expertise to track stolen cryptocurrency or cooperate with international exchanges.
Criminals leveraging technologies like deepfake and social engineering remain a significant challenge for security forces worldwide.

#Deepfake , #CryptoFraud , #CryptoScams , #cybercrime , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Armed Kidnapping Leads to Crypto Ransom Demand
A shocking kidnapping took place in Chicago, where six men forcibly abducted a three-member family and their nanny, demanding a $15 million cryptocurrency ransom.
According to a February 12 report by the Chicago Tribune, citing an unsealed FBI affidavit, the kidnappers knocked on the family’s door under the pretense that they had accidentally damaged their garage door. Once inside, they forced their way in at gunpoint.
The abductors then forced the family into a van, taking them first to a rented Airbnb about an hour away and later transferring them to another house.
Five Days in Captivity and a Cryptocurrency Ransom
The kidnappers demanded a ransom in Bitcoin, Ethereum, and other cryptocurrencies, threatening to kill the victims if their demands were not met.
📌 The victims were held captive for five days.
📌 One of the abductees managed to contact his father via the WeChat app, informing him about the kidnapping.
📌 On November 1, the family was released and sought help at a nearby dry cleaner before taking an Uber to a hospital.
While it was reported that $15 million in cryptocurrency was transferred, U.S. authorities have only been able to recover $6 million so far.
Six Suspects Indicted for the Kidnapping
On December 13, six men were officially charged in connection with the abduction.
The only suspect arrested so far is 34-year-old Zehuan Wei, who was detained on January 17 while attempting to re-enter the U.S. from Mexico.
🔹 Other suspects: Fan Zhang, Huajing Yan, Shengnan Jiang, Shiqiang Lian, and Ye Cao.
🔹 Some of them are believed to have fled to China after Wei’s arrest.

Key Evidence Collected by U.S. Authorities
Investigators gathered crucial evidence, including:
✅ Airbnb records where the victims were held.
✅ Analysis of cryptocurrency wallets to trace the ransom transactions.
✅ Search of a white Ford van used by the kidnappers.
🔹 DNA samples were taken from a white Chrysler Pacifica, rented by Wei on October 29.
🔹 Authorities matched surveillance footage with a photo of Ye Cao, captured by U.S. Customs and Border Protection.
🔹 Driver’s licenses of other suspects were analyzed for identity verification.
📌 At least two victims were able to identify some of the alleged kidnappers from photographs.
The investigation is ongoing, with U.S. authorities working to track down the remaining suspects and recover the stolen cryptocurrency.

#CryptoNewss , #CryptoSecurity , #cybercrime , #CryptoSecurity , #CryptoScamAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

More than 100,000 user records allegedly linked to cryptocurrency exchange Gemini have surfaced for sale on the dark web, sparking renewed concerns about data security in the crypto space.
According to a March 27 report from The Dark Web Informer, a threat actor using the alias “AKM69” claimed to possess a large trove of Gemini user data, including full names, emails, phone numbers, and location data. Most entries are said to originate from the United States, with others allegedly tied to users in the UK and Singapore.
While Gemini has not officially commented on the matter, it's currently unclear whether the data originated directly from its internal systems or via third-party vulnerabilities, such as phishing attacks or compromised user devices.
Not an Isolated Case: Binance Data Leak Claims Resurface
The Gemini incident comes just one day after a similar threat emerged involving Binance. A user going by “kiki88888” reportedly offered over 132,000 lines of Binance user data—including emails and passwords—for sale.
The Dark Web Informer speculated that the Binance data might have originated from compromised endpoints, rather than Binance itself. Users were cautioned to avoid suspicious links and emails, highlighting the ongoing risk of phishing attacks.
Notably, Binance has previously denied such claims, stating that its internal investigation found no breach in its core systems. In a past 2023 incident, an anonymous user “FireBear” had claimed access to 12.8 million user records, including names, email addresses, and home addresses. Binance responded by reaffirming that its security systems were uncompromised.
Crypto Data Breaches: A Broader Industry Problem
These incidents reflect a wider trend of data exposure across the crypto industry:
In November 2023, Nigerian crypto exchange Bitnob reportedly exposed over 250,000 KYC documents due to misconfigured Amazon Web Services (AWS) storage.In December 2023, a breach affected over 58,000 customers of Byte Federal, a U.S.-based Bitcoin ATM operator.In January 2024, cybersecurity firm SlowMist warned that over 7 million email addresses from a 2022 OpenSea data leak had been fully exposed—leaving users vulnerable to phishing scams.

Despite these incidents, it’s important to note that many platforms, including Binance, emphasize that their internal infrastructure remains secure and that most recent threats likely stem from individual user security lapses.
As always, users are encouraged to practice safe online behavior, enable two-factor authentication, and avoid clicking on suspicious links or sharing credentials.

#CryptoScamAlert , #CyberSecurity , #darkweb , #cybercrime , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Ransomware Attacks Surge, but Payouts Decline
Despite a significant rise in ransomware attacks in 2024, the total ransom payments from victims dropped by 35%, as more companies and individuals refused to comply with hackers' demands.
According to the Chainalysis Cybercrime Report, ransomware generated less revenue compared to the previous year, even though hacker activity intensified.
Declining Payouts Despite Increasing Attacks
🔹 Total ransomware payments in 2024 reached $813 million, down from a record $1.25 billion in 2023.
🔹 The first half of the year saw a 2.3% increase in successful extortion attempts.
🔹 The Dark Angels Group alone collected $75 million.
🔹 However, in the second half of the year, law enforcement efforts significantly disrupted ransomware operations.
Law Enforcement Crackdowns Disrupt Cybercrime Operations
🔹 Enhanced investigative techniques, sanctions, and asset seizures severely impacted cybercriminal networks.
🔹 The shutdown of the Russian crypto exchange Cryptex and Germany's crackdown on 47 Russian platforms weakened ransomware-related money laundering.
According to Jacqueline Burns Koven, Head of Cyber Threat Intelligence at Chainalysis, criminals became more cautious when moving funds through centralized exchanges (CEX). However, non-KYC platforms remain the preferred method for converting stolen crypto into fiat.

Ransomware Victims Increasingly Refuse to Pay
🔹 Less than 50% of ransomware attacks resulted in payouts.
🔹 Those who did comply paid up to $250,000 in ransom on average.
🔹 With improved tracking tools and stronger investigations, more victims chose not to pay, despite the growing frequency of attacks.
Cybercriminals Adapt to Heightened Security Measures
🔹 Hackers are evolving, developing new tactics to bypass security defenses and pressure victims into paying.
🔹 New ransomware variants are emerging, often derived from leaked, rebranded, or purchased code.
🔹 Attacks are now executed faster, with ransom negotiations starting within hours of data exfiltration.
Ransomware operations now range from state-sponsored hackers to ransomware-as-a-service (RaaS) groups and independent cybercriminals. One of the most notable recent cases was the data theft from cloud service provider Snowflake.
While ransomware tactics continue to evolve, enhanced cybersecurity efforts and law enforcement actions are making it harder for cybercriminals to profit. 🚨

#CyberSecurity , #hacking , #cryptohacks , #cybercrime , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“