BidenCash carding shop released another advertisement dump, including information on 1,221,551 credit cards. The dump is available to anyone for free.
Last month, BidenCash launched new domains in response to distributed denial-of-service attacks. BidenCash publicized their offer on these new domains, possibly to promote them, as well as on their clearnet website and other hacking forums.
Along with credit card numbers, the dumped data lists:
- Expiration dates
- CVV numbers
- Holders’ name
- Bank names
- Addresses
- Emails
- Social security numbers
- Phone numbers
Another Promotional Campaign
BidenCash made the same move when the carding site was newly launched, on June 16, in order to boost it. The shared file had approximately 8 million lines of information, including email addresses, with about 6,700 credit cards.
The card information offered in the BidenCash marketplace is gathered using a variety of website skimmer and infostealer malware attacks.
SOCRadar continuously monitors cybercriminal forums for fraudulent activity and can detect if your credit card information is stolen and ends up in dark web channels. You can search SOCRadar’s Breach Database to find out if your sensitive data is shared in blackmarkets.
Conclusion
Most of the records in the dump appear to be from the United States and contain credit card information with expiration dates between 2023 and 2026.
The “bigger leak” may be fake or old data that has been recycled, as large-scale dark web posts and offers are frequently frauds. Although, D3Lab has confirmed that about 30 percent of the data offered by BidenCash is new, and some valid data is related to Italian banks.
