Share this article on:
To promote their dark web stolen credit cards marketplace, malicious actors BidenCash have leaked 1,221,551 credit card details available for hackers to access and download for free.
The dark web database of credit card information published by BidenCash reportedly includes more than 12,000 from Australia, according to Cyble's Research and Intelligence Labs.
BidenCash is a stolen cards marketplace which launched in June 2022, which has announced the stolen payment details is a promotional move, similar to the "All World Cards" leak in August 2021.
The malicious cyber actors have touted the leak as a "special event offer" that had been spotted by Italian security researchers at D3Lab, who monitors carding sites on the dark web.
⚠️ #BidenCash after 4 months shared a new credit card dump of over 1 million users!
— D3Lab (@D3LabIT) October 7, 2022
ℹ️ These cards mainly come from web skimmers!
? The archive contains: PAN, CVV2, Expiration date, Name, Surname, Shipping Address and Email!
We are analyzing the data, more details soon! pic.twitter.com/bR1NuNdeSF
The credit card dump announcement was made on new URLs, which BidenCash launched late last month in response to DDoS (distributed denial of service) attacks. Security analysts suspect this could be a way to promote the new shop domains. The cards impacted are mostly VISA, Mastercard and American Express cards.
The dump of 1.2 million credit cards includes the following credit card and associated personal information:
According to a BleepingComputer report, the details listed are not available for all 1.2 million records, but most entries contain over 70 per cent of the data types.
Security analysts believe the card details were stolen by web-skimmers, malicious code designed to infect hacked websites and e-commerce sites built to steal submitted credit card and customer information. The practice, otherwise known as "carding", is the trafficking and use of credit cards stolen through point-of-sale malware, magecart attacks on websites, or information-stealing malware.
Cyble's Research and Intelligence Labs also noticed the BidenCash debit and credit card data "giveaway" during a routine monitoring exercise.
Based on Cyble's analysis, the top 10 impacted countries are:
Cyble researchers have noted that the credit and debit cards data published by BidenCash shop is "one of the largest leaks of its kind" on any of the cyber crime or underground forums recently.
"Our detailed statistical analysis revealed that American Express (US) is impacted the most.
"The top 50 countries with affected consumers are the US, India, Brazil, the UK, Mexico, Turkey, Spain, Italy, Australia, and China," Cyble added.
Banking organisations and financial institutions should maintain a dynamic monitoring process for payment card transactions, Cyble researchers suggest, in order to detect and mitigate fraud against consumers.
"We have observed many threat actors that drive fraudulent transactions and purchases using compromised payment cards.
"The impacted consumers may face an increased risk of financial fraud due to the leaked information," Cyble researchers said.
[Related: Electric vehicle charging a cyber risk to the national energy grid]
Nastasha is a Journalist at Momentum Media, she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.