Dark web researchers from iZOOlogic have recently found that a new underground marketplace, BidenCash, has leaked over 8 million records worth of victims’ credit and debit cards on a cybercrime forum – available for anyone to use.
Despite being set up in the latter part of April of this year, BidenCash has kept its carding services to a lower scale due to being unable to accommodate wider operations. However, the malicious threat group might have gradually been expanding their activities upon this recent data dump found on their cybercriminal forum account that involved millions of financial data from numerous victims worldwide.
Based on the analysis of the incident, the data leak has massively impacted numerous victims from multiple locations and is considered one of the largest data dumps that compromised users’ credit and debit cards published on any digital space.
As a newly launched malicious carding site, BidenCash promoted its marketplace platform by claiming a leak of over 8 million banking records, available for free.
For instance, the carding site included sensitive financial data from Indian banks in their data dump, with about 161,109 compromised credit and debit cards from the said country. iZOOlogic’s research team has acquired this massive database and will continue analysing the incident to learn more about the new threat group and their activities.
It is also believed that aside from the banking records, other sensitive data are included in the massive leak launched by the BidenCash group.
These malicious carding sites present on underground forums have been widespread for a long time. Based on the previous observations of the activities of such groups, they have harvested these data through different cyber-attack vectors, including planting web skimmers on e-commerce websites, allowing them to steal the banking card information of customers from different geographies.
Under these circumstances, everyone, especially those that actively purchase from shops online, must be wary of all transactions being charged to their bank accounts. In any cases of suspicious transactions, users must immediately report to the authorised service providers from their respective banks.
It is also important to apply multi-factor authentication on your bank accounts to ensure added security against the risks of being victimised by cybercriminals, such as BidenCash.