The notorious carding marketplace BidenCash recently released information on more than 2.1 million credit and debit cards. The criminal site uses the president’s name and photo to trade in stolen data. Carding marketplaces, also referred to as card shops, are cybercrime websites that facilitate the trading and unauthorized use of stolen payment card details. The site active for less than a year, BidenCash has quickly become one of the top carding marketplaces, making a name for itself by releasing the details of hundreds of thousands of cards in June 2022. In October 2022, it released the details of more than 1.2 million stolen cards, for free.[1]
The new data dump, the largest associated with the illicit portal so far, is meant to attract new customers, especially since most of the released cards are approaching expiration.
Records Country
965,846 UNITED STATES
97,665 MEXICO
97,003 CHINA
86,313 UNITED KINGDOM
36,906 CANADA
36,672 INDIA
23,009 ITALY
22,798 SOUTH AFRICA
21,361 AUSTRALIA
19,700 BRAZIL
Most records leaked by country (Cyble)
It is estimated that 70% of the leaked cards expire in 2023, cyber threat investigators reported. They also note that half of the cards belong to US-based people or entities. According to threat intelligence provider Cyble, the dump contains more than 740,000 credit cards and over 810,000 debit cards, as well as roughly 300 charge cards. Some of the cards expire in 2052, the company says. The cards were released on a top-tier Russian-speaking dark web forum and included card numbers and expiration dates, CVV numbers, and bank names.
In the leak, BidenCash also included the personally identifiable information (PII) of the victims, such as names, addresses, email addresses, and phone numbers.
See: https://redskyalliance.org/xindustry/credit-card-numbers
While the release of expired or about-to-expire cards might not seem too much of a threat, cybercriminals are known to purchase such information as means of gathering information on their potential victims. The presence of email addresses and full information (commonly referred to as ‘Fullz’ by cybercriminals) will make the victims of this leak vulnerable to other attacks, such as phishing, identity theft, and scams, long past the expiration of their card details.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.securityweek.com/cybercrime-marketplace-leaks-over-2-1-million-payment-cards/
Comments