darkweb

U.S. law enforcement has delivered a significant blow to cybercrime by shutting down the dark web marketplace BidenCash, seizing 145 associated domains and cryptocurrency funds linked to its illegal operations. Since launching in March 2022, BidenCash served over 117,000 users and facilitated the trade of stolen credit card data worth more than $17 million.

BidenCash: A Hub for Stolen Financial Data
The platform operated as a marketplace for cybercriminals to trade over 15 million credit card numbers along with personally identifiable information, including names, addresses, emails, and phone numbers. These data sets enabled buyers to commit identity theft and financial fraud. In addition to credit card details, BidenCash also sold compromised computer login credentials used for unauthorized system access.
The operators of BidenCash charged fees on each transaction and provided a user-friendly interface that made the illicit trade easy and efficient. In a bold marketing move, the platform distributed over 3 million stolen credit card numbers for free in October 2022 and February 2023, aiming to attract new users and gain credibility in criminal circles.

Coordinated U.S. and International Takedown
The operation, led by the U.S. Department of Justice and the U.S. Attorney's Office for the Eastern District of Virginia, was supported by the FBI, U.S. Secret Service, and several international partners. Key contributors included the Netherlands’ National High Tech Crime Unit, Shadowserver Foundation, and cybersecurity firm Searchlight Cyber.
As part of the operation, authorities seized 145 domain names now redirected to law enforcement-controlled servers. In addition, crypto assets linked to the platform’s illegal profits were frozen to prevent further criminal use and send a strong deterrent message to similar operators.

Part of a Broader Crackdown on Crypto-Enabled Crime
The dismantling of BidenCash follows May’s Operation RapTor, during which 270 individuals were arrested across 10 countries and assets worth over $200 million—including hundreds of millions in crypto—were seized. Authorities also shut down several drug trafficking platforms on the dark web.
This latest success underscores that while the crypto space offers a degree of anonymity, coordinated action between global law enforcement agencies continues to make real progress in the fight against cybercrime.

#cybercrime , #darkweb , #CryptoCrime , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

More than 100,000 user records allegedly linked to cryptocurrency exchange Gemini have surfaced for sale on the dark web, sparking renewed concerns about data security in the crypto space.
According to a March 27 report from The Dark Web Informer, a threat actor using the alias “AKM69” claimed to possess a large trove of Gemini user data, including full names, emails, phone numbers, and location data. Most entries are said to originate from the United States, with others allegedly tied to users in the UK and Singapore.
While Gemini has not officially commented on the matter, it's currently unclear whether the data originated directly from its internal systems or via third-party vulnerabilities, such as phishing attacks or compromised user devices.
Not an Isolated Case: Binance Data Leak Claims Resurface
The Gemini incident comes just one day after a similar threat emerged involving Binance. A user going by “kiki88888” reportedly offered over 132,000 lines of Binance user data—including emails and passwords—for sale.
The Dark Web Informer speculated that the Binance data might have originated from compromised endpoints, rather than Binance itself. Users were cautioned to avoid suspicious links and emails, highlighting the ongoing risk of phishing attacks.
Notably, Binance has previously denied such claims, stating that its internal investigation found no breach in its core systems. In a past 2023 incident, an anonymous user “FireBear” had claimed access to 12.8 million user records, including names, email addresses, and home addresses. Binance responded by reaffirming that its security systems were uncompromised.
Crypto Data Breaches: A Broader Industry Problem
These incidents reflect a wider trend of data exposure across the crypto industry:
In November 2023, Nigerian crypto exchange Bitnob reportedly exposed over 250,000 KYC documents due to misconfigured Amazon Web Services (AWS) storage.In December 2023, a breach affected over 58,000 customers of Byte Federal, a U.S.-based Bitcoin ATM operator.In January 2024, cybersecurity firm SlowMist warned that over 7 million email addresses from a 2022 OpenSea data leak had been fully exposed—leaving users vulnerable to phishing scams.

Despite these incidents, it’s important to note that many platforms, including Binance, emphasize that their internal infrastructure remains secure and that most recent threats likely stem from individual user security lapses.
As always, users are encouraged to practice safe online behavior, enable two-factor authentication, and avoid clicking on suspicious links or sharing credentials.

#CryptoScamAlert , #CyberSecurity , #darkweb , #cybercrime , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Darkweb actors claim to have over 100K of Gemini, Binance user info.
Darkweb threat actors claim to have hundreds of thousands of user records — including names, passwords and location data — of Gemini and Binance users, putting the apparent lists up for sale on the internet. The Dark Web Informer, a Darkweb cyber news site, said in a March 27 blog post that the latest sale is from a threat actor operating under the handle AKM69, who purportedly has an extensive list of private user information from users of crypto exchange Gemini. “The database for sale reportedly includes 100,000 records, each containing full names, emails, phone numbers, and location data of individuals from the United States and a few entries from Singapore and the UK,” the Dark Web Informer said. Source: Dark Web Informer. “The threat actor categorized the listing as part of a broader campaign of selling consumer data for crypto-related marketing, fraud, or recovery targeting.”. Gemini didn’t immediately respond to Cointelegraph’s request for comment. A day earlier, Dark Web Informer said another user, kiki88888, was offering to sell Binance emails and passwords, with the compromised data reportedly containing 132,744 lines of information. Advertisement. Trade 275+ cryptocurrencies with the Kraken App. Enjoy world-class security, low fees, and 24/7 customer support.
Source: Dark Web Informer. Binance says leaked info came through phishing, not data leak. Speaking to Cointelegraph, Binance said the information on the dark web is not the result of a data leak from the exchange. Instead, it was a hacker who collected data by compromising browser sessions on infected computers using malware. In a follow-up post, the Dark Web Informer also alluded to the data theft being a result of user’s tech being comprised rather than a leak from Binance, saying, “Some of you really need to stop clicking random stuff.”. Source: Dark Web Informer. In a similar situation last September, a hacker under the handle FireBear claimed to have a database with 12.8 million records stolen from Binance, with data including last names, first names, email addresses, phone numbers, birthdays and residential addresses, according to reports at the time. Binance denied the claims, dismissing the hacker’s claim to have sensitive user data as false after an internal investigation from their security team. Related: Binance claims code leak on GitHub is ‘outdated,’ poses minor risk. This isn’t the first cyber threat targeting users of major crypto exchanges this month. Australian federal police said on March 21 they had to alert 130 people of a message scam aimed at crypto users that spoofed the same “sender ID” as legitimate crypto exchanges, such as Binance. Another similar string of scam messages reported by X users on March 14 spoofed Coinbase and Gemini attempting to trick users into setting up a new wallet using pre-generated recovery phrases controlled by the fraudsters. Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis.
These All information I get from coin glass app article.please reconferm about it.#BinanceLaunchpoolGUN #MarketPullback #VoteToListOnBinance #darkweb #DataTheftAlert

In 2012, Jimmy Zhong pulled off one of the boldest cryptocurrency heists in history. It all started on the Silk Road, the infamous dark web marketplace. Zhong discovered a critical loophole—a glitch that turned the withdrawal button into a money-printing machine.

Every time he hit withdraw, he received more Bitcoin than he deposited. This digital jackpot allowed him to siphon 51,860 BTC, valued at $700,000 back then but ballooning to an eye-watering $3.3 billion over the years.

Life of Luxury

For nearly a decade, Zhong lived like royalty, skillfully laundering the stolen bitcoins through crypto mixers to obscure the trail. With his newfound fortune, he indulged in an extravagant lifestyle:

Stays at luxury hotels.
Shopping sprees at Gucci and Louis Vuitton.
A stunning lakeside home complete with boats and jet skis.
Private jet trips for friends to football games, handing out $10,000 shopping sprees like party favors.

He seemed untouchable—until he wasn’t.

The Beginning of the End

In 2019, his lavish world started to unravel. Zhong’s house was robbed, and he lost $400,000 in cash and 150 BTC. Panicking, he made a fateful decision: he called the cops.

While this incident placed him on the authorities' radar, his biggest mistake came later. He mixed $800 from the stolen money with his own funds on a KYC (Know Your Customer) exchange. This seemingly small act created a breadcrumb trail that led straight to him.

The Bust

In 2021, law enforcement raided his home and uncovered a shocking stash:

50,676 BTC hidden inside a Cheetos popcorn tin. 🧀
$660,000 in cash, silver, and gold bars.

Zhong was arrested, and his empire collapsed. Despite stealing billions, he received a relatively light sentence: one year in prison.

The Lesson

Jimmy Zhong’s story is a cautionary tale of greed, hubris, and how a single misstep can unravel years of deception. His journey from dark web hacker to billionaire—and eventual downfall—is a stark reminder that in the world of crypto:

Privacy is paramount.
Even the smallest mistake can have colossal consequences.

What started as an audacious heist ended in disgrace, proving that even the best-laid schemes can come undone.

#CryptoHeist #Bitcoin #DarkWeb

In the evolving landscape of cryptocurrency transactions, the recent developments surrounding a major darknet marketplace, Incognito Market, serve as a stark reminder of the inherent risks and complexities involved. As of Tuesday, March 5, users of Incognito Market have reported being unable to withdraw their funds in Bitcoin (BTC) and Monero (XMR), amidst growing suspicions of an exit scam. This situation has prompted a broader discussion about the security and trustworthiness of online marketplaces, especially those operating on the dark web.
Incognito Market, known primarily as a hub for narcotics trading, is estimated to be valued between $10 million to $30 million, according to cyberthreat intelligence provider Dark Web Informer. The suspicions of an exit scam were fueled by user complaints regarding failed cryptocurrency withdrawals, which led to an official response from the market’s administrator, known as “Pharoah.” In a post on Dread, a Reddit-like platform for the darknet, Pharoah attempted to reassure users that the withdrawal issues were temporary, attributed to changes in the market’s withdrawal systems.
However, the situation escalated when Hugbunter, a well-known dark web security sleuth and administrator, disclosed a conversation with Pharoah, in which a bribe was allegedly offered to silence discussions about Incognito’s withdrawal problems. Hugbunter’s confirmation of the exit scam is a significant blow to the market’s credibility and highlights the precarious nature of darknet marketplaces.
This incident coincides with a period of significant activity in the cryptocurrency markets, where Bitcoin recently surpassed its previous all-time high, reaching just above $69,200, and Monero experienced a notable increase in value. These market movements underscore the attractiveness of cryptocurrencies for both legitimate and illicit transactions.
The Chainalysis 2024 Crypto Crime Report sheds light on the broader context, revealing that darknet marketplaces received at least $1.7 billion in revenue in 2023. This marks a recovery from the previous year, which saw the shutdown of Hydra, the world’s largest darknet marketplace. The report notes the emergence of smaller marketplaces like Mega Darknet Market, which have thrived by catering to specific niches and adopting specialized roles.
The Incognito Market case illustrates the critical challenges facing the crypto community, especially regarding the security of assets and the trustworthiness of platforms facilitating transactions. For stakeholders in the crypto space, including users, investors, and regulatory bodies, this incident emphasizes the need for vigilance, due diligence, and the development of more robust mechanisms to protect against fraud and scams.
In the dynamic and often opaque world of cryptocurrency transactions, the Incognito Market saga is a cautionary tale that highlights the need for greater transparency, security, and accountability. As the crypto community continues to navigate these turbulent waters, the lessons learned from this incident will undoubtedly inform future discussions on how to create a safer and more reliable digital asset ecosystem.
$BTC

#BTC #Monero #darkweb #scam

Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Binance told Cointelegraph the data is not the result of a leak from the exchange but instead is a result of the hacker collecting data using malware on infected computers.

Darkweb threat actors claim to have hundreds of thousands of user records — including names, passwords and location data — of Gemini and Binance users, putting the apparent lists up for sale on the internet.

The Dark Web Informer, a Darkweb cyber news site, said in a March 27 blog post that the latest sale is from a threat actor operating under the handle AKM69, who purportedly has an extensive list of private user information from users of crypto exchange Gemini.

“The database for sale reportedly includes 100,000 records, each containing full names, emails, phone numbers, and location data of individuals from the United States and a few entries from Singapore and the UK,” the Dark Web Informer said.

“The threat actor categorized the listing as part of a broader campaign of selling consumer data for crypto-related marketing, fraud, or recovery targeting.”
Gemini didn’t immediately respond to Cointelegraph’s request for comment.

A day earlier, Dark Web Informer said another user, kiki88888, was offering to sell Binance emails and passwords, with the compromised data reportedly containing 132,744 lines of information.

Binance says leaked info came through phishing, not data leak
Speaking to Cointelegraph, Binance said the information on the dark web is not the result of a data leak from the exchange. Instead, it was a hacker who collected data by compromising browser sessions on infected computers using malware.

In a follow-up post, the Dark Web Informer also alluded to the data theft being a result of user’s tech being comprised rather than a leak from Binance, saying, “Some of you really need to stop clicking random stuff.”

In a similar situation last September, a hacker under the handle FireBear claimed to have a database with 12.8 million records stolen from Binance, with data including last names, first names, email addresses, phone numbers, birthdays and residential addresses, according to reports at the time.

Binance denied the claims, dismissing the hacker’s claim to have sensitive user data as false after an internal investigation from their security team.
This isn’t the first cyber threat targeting users of major crypto exchanges this month. Australian federal police said on March 21 they had to alert 130 people of a message scam aimed at crypto users that spoofed the same “sender ID” as legitimate crypto exchanges, such as Binance.
Another similar string of scam messages reported by X users on March 14 spoofed Coinbase and Gemini attempting to trick users into setting up a new wallet using pre-generated recovery phrases controlled by the fraudsters.

Always Use 2 Step Verification
And Keep Your Big Funds in Wallets Like Metamask and Trust.
#pristrade #darkweb #Binance #Gemini #dataleak

Telegram has come under scrutiny following a major revelation: blockchain analytics firm Elliptic has uncovered a massive illicit marketplace called Xinbi Guarantee, operated via Telegram and responsible for processing at least $8.4 billion in Tether (USDT). The platform was run by Xinbi Co. Ltd., a company based in Colorado, USA.

💸 A Dark Marketplace: Fraud, Money Laundering, and Fake Identities
On May 13, Elliptic announced that thousands of Telegram channels linked to Xinbi Guarantee were shut down following an investigation that revealed connections to widespread online fraud — including the infamous pig-butchering crypto scams and money laundering operations, primarily targeting victims in Southeast Asia.
The marketplace also facilitated the sale of fake IDs, stolen personal data databases, and even Starlink satellite equipment. Payments for these illicit services and goods were predominantly made in USDT, serving as the marketplace’s main currency.

📈 Explosive Growth: Users and Transaction Volume Soar
According to Elliptic, the growth of this illegal network was staggering. From just 119,000 users in August 2024, Xinbi Guarantee surged to 233,000 users by May 2025. Transaction volumes skyrocketed — in Q4 2024 alone, the platform received over $1 billion in inflows.
In total, the marketplace handled at least $8.4 billion in USDT, making Xinbi Guarantee one of the largest illicit crypto markets ever discovered.

🧨 Links to North Korean Money Laundering Operations
Elliptic’s research also found that Xinbi Guarantee was used to launder stolen crypto funds connected to North Korean hacking groups. In one incident, $235 million was stolen from India-based exchange WazirX, and around $220,000 in USDT was traced through addresses associated with Xinbi Guarantee.

🔒 Telegram Responds, but the Threat Persists
Following Elliptic’s findings, Telegram shut down thousands of channels associated with Xinbi Guarantee, as well as with Huione Guarantee, another major illegal crypto marketplace operating on a similar model.
Despite these takedowns, Elliptic warns that over 30 similar illegal markets are still active, using Telegram infrastructure and stablecoins to facilitate a wide range of crypto-related scams and cybercrimes.

⚠️ Summary:
🔹 Xinbi-linked Telegram marketplaces processed $8.4 billion in USDT

🔹 Activities included ID fraud, data trafficking, and crypto laundering

🔹 Some funds were linked to North Korean state-sponsored hackers

🔹 Telegram took action and removed thousands of related channels

🔹 Elliptic continues monitoring 30+ similar black market platforms

#CryptoCrime , #CryptoScamAlert , #CryptoRisks , #darkweb , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“