BidenCash, a dark web carding marketplace, has leaked over two million valid credit cards as part of its birthday anniversary promotion. The one-year-old leaked dataset contains card information from all over the world, with a significant number of them issued in the United States, China, Mexico, India, Canada, and the UK.
The leaked information includes cardholders’ full names, card numbers, bank details, expiration dates, card verification value (CVV) numbers, home addresses, and more than 500,000 email addresses.
The exact modus operandi of BidenCash is unclear; carding sites mostly obtain credit card data through various methods, including using information-stealing malware, phishing attacks, skimming, and exploiting vulnerabilities in point-of-sale (PoS) systems.
Usually, cybercriminals tend to use the dark web to sell such information. It is worth noting that the 260 MB of data is also leaked on a popular Russian language hacker forum.
Once the data is obtained, the carding site operators can sell the information to other cybercriminals or use it for fraudulent activities such as making unauthorized purchases or money laundering.
While this is not the first instance of BidenCash leaking credit card data, the timing of their “birthday anniversary promotion” seems questionable.
The authorities are investigating the incident, and affected cardholders are advised to monitor their accounts and report any suspicious activities to their banks.
Meanwhile, cybersecurity experts are calling for more robust measures to curb the proliferation of carding marketplaces and the use of stolen credit card information. As credit card fraud is an ongoing issue, individuals must be cautious with their personal information and regularly monitor their bank statements.
This incident should also serve as a reminder for financial institutions to take proactive measures to safeguard their customers’ data and systems from cybercriminals.
