In the most recent news concerning the dark web carding marketplace ‘BidenCash,’ researchers revealed that the platform had published over 1.2 million credit card data for free public consumption, aiming to promote their carding marketplace and services.
Launched in June 2022, BidenCash sells stolen credit card data on the dark web through several methods, such as Magecart attacks, infostealing malware, and point-of-sale malware. The leak of massive card data has been the platform’s way of promoting its services to interested clients.
The massive credit card data dump of BidenCash was inspired by last year’s “AllWorld Cards” promotional event.
In August last year, another criminal carding marketplace ‘AllWorld Cards’ released one million credit cards for free online as part of their promotional tactic to enthuse clients to avail of their services. Researchers believe that the BidenCash operators were inspired by this move, thus launching the same promotional tactic.
BidenCash has distributed the data dump through a clearnet domain and on other underground forums to ensure the wider reach of their promotion. According to the researchers, the released data has credit card information mixed with those that expire between 2023 and 2026. Most of the entries on the file came from the US, with the minority coming from several countries worldwide.
Based on the analysis of the released credit card data, numerous details could be found, including users’ cardholders’ names, card numbers, expiration dates, CVV numbers, bank names, email addresses, addresses, SSNs, card types, and contact information.
Furthermore, the findings of this event revealed that the leaked credit card data came from web skimmers that injected malicious scripts on e-commerce websites’ checkout pages to collect submitted customer information and banking details.
Experts, nevertheless, highlight that these massive data dumps should be taken with a grain of salt since their operators could easily fake the data they included in the released files or recycle them from the old data dumps published by other groups.
On the other hand, some of the details found on the recent dump were verified to be authentic after analysts discovered that they aligned with the data from several banks in Italy. Meanwhile, some details on the dump were confirmed to be recycled from previous leaks.
The impacted Italian banks’ data had already blocked some user accounts after identifying some of them as already being used for fraudulent activities. For this reason, people are advised to monitor their banking and credit card accounts closely and report to authorities once suspicious transactions are detected.
