Dark web carding site BidenCash gives 1.2M payment cards for free

BidenCash, a popular dark web carding site, released a dump of more than 1.2 million credit cards to promote its service.

Operators behind the popular dark web carding market ‘BidenCash’ have released a dump of 1,221,551 credit cards to promote their underground payment card shop. Multiple security firms, noticed the promotional activity, but the news was first reported by threat intelligence firm Cyble and the Italian firm D3Lab.

It is a great gift to fraudsters that can download for free the dump and use it for fraudulent activities.

The announcement of the availability of the dataset consisting of over 1.2 million credit and debit cards information on a notorious cybercrime forum mainly hosting Russian and English-speaking Threat Actors.

The leaked data includes 1,221,551 credit and debit card records containing credit card number, expiry date, 3-digit card verification value (CVV), card holder’s name, associated bank name, full address, date of birth, email, and phone number. The database also includes the social security numbers for cardholders in the United States.

According to threat intelligence Cyble, the payment card data belong to cardholders across the globe including US, Canada, India, Bangladesh, Saudi Arabia, UAE, Indonesia, Malaysia, and Singapore.

“Our detailed statistical analysis revealed that American Express (US) is impacted the most. The top ten countries with affected consumers are the United States, India, Brazil, the United Kingdom, Mexico, Turkey, Spain, Italy, Australia, and China.” reads the analysis published by Cyble.

BANK NAME	NO. OF CARDS LEAKED
AMERICAN EXPRESS, US	150,663
FISERV SOLUTIONS, LLC	24,491
WELLS FARGO BANK	18,818
THE FIFTH-THIRD BANK	18,007
ITAU UNIBANCO	16,130
U.S. BANK	13,268
BANK OF AMERICA	11,173
FIDELITY INFORMATION SERVICES, INC	10,767
JACK HENRY & ASSOCIATES	10,553
BARCLAYS BANK, US	7,669

COUNTRIES	NO. OF CARDS LEAKED
UNITED STATES	676,899
INDIA	158,626
BRAZIL	60,890
UNITED KINGDOM	24,233
MEXICO	21,156
TURKEY	16,171
SPAIN	14,993
ITALY	13,391
AUSTRALIA	12,671
CHINA	12,664

Underground carding marketplaces are crucial components of the cybercrime ecosystem, they facilitate the sale and purchase of payment card data. One of the most popular carding site was Joker Stash, its operators retired in February 2021 and shut down their servers and destroyed the backups.

According to Forbes, the administrator has amassed a billion dollars worth of Bitcoin with its activity.

After the retirement, other carding websites such as ‘Ferum Shop’, ‘UAS’, and ‘Trump Dump’ gained popularity in the underground marketplace.

“Since that time, we saw a rise in the emergence of several new debit and credit card shops to fulfill the illicit demand for compromised payment cards.” continues Cyble.

‘BidenCash’ was launched in April 2022 and was considered a low-profile credit card shop. The ability of its operators to periodically release fresh dumps and promotional lots for free increased rapidly increased its popularity.

In June 2022, BidenCash released over 7.9 million payment card data dating from 2019 to 2022 on a cybercrime forum. However, the dump only contained 6,581 records exposing credit card numbers.

Stolen payment card data are usually obtained through web skimming attacks.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, BidenCash)

[adrotate banner=”5″]

[adrotate banner=”13″]