The dark web carding site ‘BidenCash’ has leaked a fresh pack of 2,141,564 unique credit cards, with almost half of them belonging to holders in the United States.
The leak occurred on February 28, 2023, and based on the analysis of multiple cyber-intelligence firms, including Flashpoint, Cyble, and D3Lab, the data appears to be authentic.
The details contained in the leaked records include full card numbers, expiration dates, CVV numbers, holder’s name, bank name, card type, and status. In some cases, the records also contain additional holder details such as email addresses, phone numbers, home addresses, and social security numbers.
This is the third time BidenCash has released a massive card dump for free, which happens for promotional reasons. The first included tens of thousands of cards and occurred on the site’s launch in June 2022. A second promotional event took place on October 2022, when the platform gave away 1.2 million credit cards.
The card details are stolen by skimmers injected on the checkout pages of compromised e-commerce sites that can siphon the ordering details that customers enter in the forms.
The pack that BidenCash gives away for free this time includes the following:
- 965,000 credit cards from U.S. holders
- 97,000 from Mexico
- 97,000 from China
- 85,000 from the UK
- 36,000 from Canada
- 35,000 from India
- 23,000 from Italy
- 22,000 from African countries
- 20,000 from Australia
- 20,000 from Brazil
The most impacted banks, according to Cyble, are Chase Bank (119,000 cards), Bank of America (99,000 cards), Wells Fargo Bank (62,500 cards), Capital One Bank (51,000 cards), and Citibank (48,000 cards).
The majority of the leaked cards, roughly 70% according to Flashpoint, expire in 2023. This means that they’re still valid and exploitable, but their value in the dark web market has dropped, considering that there’s not much time left for brokers to sell them or buyers to utilize them.
Typically, cybercriminals who purchase these credit cards use them to perform online purchases and then circulate the goods to a network of “money mules.” Those agents then carry out money laundering by reselling the items to other people and keeping a cut of the proceeds.
Preliminary D3Lab’s analysis has shown that the dump also contains 497,000 unique email addresses from 28,000 domains, which increases the risk of the exposed individuals getting scammed, phished, or impersonated.
Card holders are advised to closely monitor their statements and report suspicious transactions they don’t recognize to their bank to freeze the account before significant amounts are lost.
Finally, when paying on online shops, prefer to use electronic payment methods instead of debit or credit cards, or use a private one-time cards with a refundable balance.
Leave a Reply