BidenCash, a popular dark web carding site, released more than 1.2 million credit cards to promote its service and underground payment card business, allowing anyone to download them for free to commit financial fraud, thereby alerting several security firms.
BidenCash, a marketplace for stolen cards launched in June 2022, has a habit of leaking a few thousand cards as a promotional measure to gift fraudsters who can download the dump for free and use it for fraudulent activities.
It has taken another step to promote its market by placing a record of more than 1.2 million credit and debit cards in a notorious cybercrime forum populated mainly by Russian and English-speaking threat actors who spread the collection through a clearnet domain and other hacking and carding forums.
The circulating file contains a mix of new cards expiring between 2023 and 2026 from around the world, but the majority appear to come from the United States, with others from Canada, India, Bangladesh, Saudi Arabia, the United Arab Emirates, Indonesia, Malaysia, and Singapore.
The stolen information includes 1,221,551 credit and debit card records, including credit card number, expiration date, three-digit card verification value (CVV), card holder’s name, associated bank name, full address, date of birth, email address and telephone number. The database also includes the social security numbers of American cardholders.
Although not all details of all 1.2 million records are available, most entries contain more than 70 per cent of the data types.
The sources for this piece include an article in BleepingComputer.