SOCRadar® Cyber Intelligence Inc. | Massive Data Leak by BidenCash: 1.9M Credit Card Details Exposed on Hacker Forum


Dec 21, 2023
3 Mins Read

Massive Data Leak by BidenCash: 1.9M Credit Card Details Exposed on Hacker Forum

The SOCRadar Dark Web Team detected a significant data breach on a hacker forum, revealing the leak of 1.9 million credit card details by BidenCash, a carding market initiated in June 2022.

Since its emergence, BidenCash has actively promoted its marketplace in various hacking forums and occasionally leaked credit card data to the public for use by other threat actors. The card information featured by the BidenCash marketplace is typically acquired through diverse website skimmer and infostealer malware attacks.

To boost its newly launched site in 2022, the marketplace disclosed 8 million lines of information, including email addresses, along with approximately 6,700 credit cards.

In October 2022, the BidenCash carding marketplace released another advertising dump, expanding the size of the leak to include details on 1,221,551 credit cards.

Fast forward to 2023, in February, BidenCash leaked approximately 2.1 million credit card details on a Russian hacker forum. The timeline illustrates a consistent effort and increase in the number of credit cards, proving the escalating impact of the BidenCash marketplace.

Details of the Latest BidenCash Leak and Threat Actor’s New Buyer Protection Method

BidenCash mentioned the 1.9 million credit card numbers in a recent post on a hacker forum, in which it also claimed to have implemented a buyer protection system.

The leak post by BidenCash

According to the threat actor’s post, the system is intended to ensure the freshness of the data and penalize suppliers for stale materials via real-time tracking; the use of such method signals an evolution in the underground market.

Read the full message below:

“We exert maximum effort to ensure the safety of our clients and are ready to demonstrate the effectiveness of our buyer protection system. Our systems automatically and in real-time tracks publicly available cards on Telegram channels, Discord chats, and forums to prevent unscrupulous suppliers from using outdated material. If a card sold by us is found publicly available, we impose a fine on the supplier. If a supplier’s materials regularly appear in public, they are blocked. Our unique system, applied only on our platform, reflects our commitment to our reputation. Over the past month, the system has detected over 1,900,000 cards.”

The threat actor concluded the post by announcing the establishment of a dedicated Telegram channel to showcase the effectiveness of their buyer protection system.

Monitor Exposures on the Dark Web with SOCRadar

This leak by BidenCash poses a serious threat to potentially millions of individuals, exposing them to the dangers of unauthorized transactions and identity theft. Therefore, the financial sector and cardholders must remain vigilant against potential fraudulent activities.

The substantial scale of the leak by BidenCash underscores the ongoing threat of financial cybercrime, highlighting the crucial need for robust cybersecurity measures and real-time fraud monitoring systems.

Utilize SOCRadar’s Dark & Deep Web Monitoring capabilities to mitigate the impact of such incidents. You can track the latest data exposures and other incidents on threat actor channels through Dark Web News feature.

SOCRadar’s Dark Web News
SOCRadar’s Dark Web News

Furthermore, SOCRadar consistently monitors cybercriminal forums for fraudulent activity and can identify if your private, corporate, or credit card information is stolen, and if it ends up exposed in dark web channels. Through SOCRadar’s Dark Web Monitoring feature, you can check whether your sensitive data is shared in hacker channels.

SOCRadar’s Dark Web Monitoring
SOCRadar’s Dark Web Monitoring