One of the most notorious dark web carding markets, BidenCash, has shared a third credit card dump that contains data of about 2 million users. Our researchers from iZOOlogic discovered that most of these dumped credit cards came from web skimmers.
The dark web carding market exposed this data for their celebratory promotion. Their anniversary has become popular for many cybercriminals since they give free stolen credit-card data instead of offering discounts.
BidenCash leaked troves of data for free that contain critical information.
According to our researchers, the BidenCash anniversary celebration has leaked tons of critical information that includes essential data, such as full names, card numbers, bank details, card verification value (CVV) numbers, and expiration dates.
In addition, the dataset also includes home and email addresses connected to the stolen cards. Furthermore, the observed tally concluded that this massive data leak affected the United States most since the data exposure impacted nearly 970,000 individuals.
The countries also affected by the anniversary leak include Mexico, China, the United Kingdom, Canada, and India. The group’s admins also presented nearly 500,000 unique email addresses in the list.
However, many relevant individuals in the cybersecurity industry have been caught off guard by this celebration since BidenCash debuted in June last year. Hence, it is confusing why the operators celebrated three months early.
Unfortunately, this is not new to many, as the BidenCash admins organised a similar promotion campaign last year. In October, the BidenCash operators presented a dataset that contains more than 1.2 million stolen cards to different users and threat actors.
Carding is an illegal use of stolen credit card data. These transactions could include purchasing prepaid gift cards that might cover the tracks of money launderers and criminals. Other threat groups could also exploit the data these carding platforms offer.
Our iZOOlogic researchers advise users who have been victims of skimming attacks to be wary of unsolicited communications, as different individuals might have obtained data from the anniversary promotion. Lastly, credit card users should constantly review their transactions for malicious activities.
