A dark web marketplace named BidenCash has released a massive file of 1.2 million credit cards data to promote the marketplace, allowing anyone to download them for free to conduct financial fraud.
BidenCash is a stolen cards marketplace launched in June 2022, which until now has leaked a few thousand cards as a promotional move to assure potential buyers of its credibility.
Carding is the trafficking and use of credit cards stolen through point-of-sale malware, magecart attacks on websites, or information-stealing malware.
It is also a form of credit card fraud in which a stolen credit card is used to charge a prepaid card or make purchases online.
The threat actors announced the credit card dump on the 12th October on new URLs BidenCash launched late last month in response to DDoS (distributed denial of service) attacks, so it could simply be a way to promote the new domains.
To ensure larger reach, the cyber criminals distributed the collection via a clearnet domain and on other hacking and carding forums.
The freely circulating file contains a mix of 1,221,551 “fresh” cards expiring between 2023 and 2026 from around the world, but most entries appear to be from the United States.
The dump of 1,221,551 million credit cards includes the following credit card and associated personal information:
- Card number
- Expiration date
- CVV number
- Holder’s name
- Bank name
- Card type, status, and class
- Holder’s address, state, and ZIP
- Email address
- Phone number
Not all the above details are available for all the records, but most entries contain over 70% of the data types.
The “special event” offer was first spotted by Italian security researchers at D3Lab, who monitors carding sites on the dark web.
The analysts claim these cards mainly come from web skimmers, which are malicious scripts injected into checkout pages of hacked e-commerce sites that steal submitted credit card and customer information.
Authenticity of the dump
Dark web posts and offers of this size are usually scams, so the massive release of cards could easily be fake data or recycled data from old dumps repackaged under a new name.
From the data D3Labs has examined so far, about 30% appear to be fresh, so if this applies roughly to the entire dump, at least 350,000 cards would still be valid.
Of the Italian cards, roughly 50% have already been blocked due to the issuing banks having detected fraudulent activity, which means that the actually usable entries in the leaked collection may be as low as 10%.
Nonetheless, it is still a stirring wake up call to the industry to do more to ensure that users of their card products are informed of best practices to protect themselves from fraudulent activity on their cards.
The post Alert: BidenCash marketplace gives away data on 1.2 million credit cards appeared first on Payments Cards & Mobile.