BidenCash, a popular dark web carding site, released a dump of more than 1.2 million credit cards to promote its service.

Operators behind the popular dark web carding market ‘BidenCash’ have released a dump of 1,221,551 credit cards to promote their underground payment card shop. Multiple security firms, noticed the promotional activity, but the news was first reported by threat intelligence firm Cyble and the Italian firm D3Lab.

#BidenCash after 4 months shared a new credit card dump of over 1 million users! These cards mainly come from web skimmers! The archive contains: PAN, CVV2, Expiration date, Name, Surname, Shipping Address and Email! We are analyzing the data, more details soon! pic.twitter.com/bR1NuNdeSF— D3Lab (@D3LabIT) October 7, 2022It is a great gift to fraudsters that can download for free the dump and use it for fraudulent activities.

The announcement of the availability of the dataset consisting of over 1.2 million credit and debit cards information on a notorious cybercrime forum mainly hosting Russian and English-speaking Threat Actors.

The leaked data includes 1,221,551 credit and debit card records containing credit card number, expiry date, 3-digit card verification value (CVV), card holder’s name, associated bank name, full address, date of birth, email, and phone number. The database also includes the social security numbers for cardholders in the United States.

According to threat intelligence Cyble, the payment card data belong to cardholders across the globe including US, Canada, India, Bangladesh, Saudi Arabia, UAE, Indonesia, Malaysia, and Singapore.

“Our detailed statistical analysis revealed that American Express (US) is impacted the most. The top ten countries with affected consumers are the United States, India, Brazil, the United Kingdom, Mexico, Turkey, Spain, Italy, Australia, and China.” reads the analysis published by Cyble.

BANK NAME           NO. OF CARDS LEAKEDAMERICAN EXPRESS, US150,663FISERV SOLUTIONS, LLC24,491WELLS FARGO BANK18,818THE FIFTH-THIRD BANK18,007ITAU UNIBANCO16,130U.S. BANK13,268BANK OF AMERICA11,173FIDELITY INFORMATION SERVICES, INC10,767JACK HENRY & ASSOCIATES10,553BARCLAYS BANK, US7,669COUNTRIESNO. OF CARDS LEAKEDUNITED STATES676,899INDIA158,626BRAZIL60,890UNITED KINGDOM24,233MEXICO21,156TURKEY16,171SPAIN14,993ITALY13,391AUSTRALIA12,671CHINA12,664Underground carding marketplaces are crucial components of the cybercrime ecosystem, they facilitate the sale and purchase of payment card data. One of the most popular carding site was Joker Stash, its operators retired in February 2021 and shut down their servers and destroyed the backups.

According to Forbes, the administrator has amassed a billion dollars worth of Bitcoin with its activity.

After the retirement, other carding websites such as ‘Ferum Shop’, ‘UAS’, and ‘Trump Dump’ gained popularity in the underground marketplace.

“Since that time, we saw a rise in the emergence of several new debit and credit card shops to fulfill the illicit demand for compromised payment cards.” continues Cyble.

‘BidenCash’ was launched in April 2022 and was considered a low-profile credit card shop. The ability of its operators to periodically release fresh dumps and promotional lots for free increased rapidly increased its popularity.

In June 2022, BidenCash released over 7.9 million payment card data dating from 2019 to 2022 on a cybercrime forum. However, the dump only contained 6,581 records exposing credit card numbers.

Stolen payment card data are usually obtained through web skimming attacks.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, BidenCash)

The post Dark web carding site BidenCash gives 1.2M payment cards for free appeared first on Security Affairs.