BidenCash Market Leaks 2M Credit Cards in Birthday Blitz

BidenCash is a carding marketplace that functions on both the dark web and the clear web, offering stolen credit card details to the public.

BidenCash, a notorious dark web carding marketplace, has leaked over two million valid credit cards as part of its birthday anniversary promotion. The one-year-old leaked dataset contains card information from all over the world, with a significant number of them issued in the United States, China, Mexico, India, Canada, and the UK.

The leaked information includes cardholders’ full names, card numbers, bank details, expiration dates, card verification value (CVV) numbers, home addresses, and more than 500,000 email addresses.

BidenCash Leaks 2 Million Credit Cards in Birthday Blitz — The screenshot shows the type of data leaked by the BidenCash marketplace and their post on a Russian hacker forum (Credit: Hackread.com)

Usually, cybercriminals tend to use the dark web to sell such information; in the BidenCash case, the administrator of the carding site has decided to give a treasure trove of information to the public. It is worth noting that the 260 MB of data, as shown in the screenshot above, is also leaked on a popular Russian language hacker forum.

Although, the exact modus operandi of BidenCash is unclear; carding sites mostly obtain credit card data through various methods, including using information-stealing malware, phishing attacks, skimming, and exploiting vulnerabilities in point-of-sale (PoS) systems.

They also purchase or trade data in underground forums or from other cybercriminal groups. Once the data is obtained, the carding site operators can sell the information to other cybercriminals or use it for fraudulent activities such as making unauthorized purchases or money laundering.

While this is not the first instance of BidenCash leaking credit card data, the timing of their “birthday anniversary promotion” seems questionable. A user on a Russian forum even pointed out that the claim of their anniversary celebration in March is contradictory to their launch date in June last year, stating, “Weren’t you launched in June last year and not in March?”

The authorities are investigating the incident, and affected cardholders are advised to monitor their accounts and report any suspicious activities to their banks. Meanwhile, cybersecurity experts are calling for more robust measures to curb the proliferation of carding marketplaces and the use of stolen credit card information.