BidenCash, a marketplace that focuses on carding, has leaked a database of 2,165,700 credit and debit cards to celebrate its first anniversary. Instead of keeping the leak a secret, the cybercriminals chose to advertise it on underground forums, hoping to gain more attention.
The leaked information includes 740,858 credit cards, 811,676 debit cards, and 293 charge cards, as reported by researchers at Cyble. While many of the cards were duplicates, there are still 2,141,564 unique cards in the database, according to Andrea Draghetti, Head of Threat Intelligence at D3Lab.
The dataset contains personally identifiable information such as names, email addresses, phone numbers, home addresses, and payment card details. The information also includes card expiration dates and CVV codes, with expiration dates extending up to 2052.
Additionally, the database includes roughly 497,000 unique email addresses from over 28,000 domains, making it a potential goldmine for targeted phishing and other types of fraud.
BidenCash expressed gratitude to its customers for their support and trust, stating that it couldn’t have reached its one-year milestone without them. However, cybersecurity researchers are concerned about the potential misuse of the leaked information by fraudsters and cybercriminals.
“The presence of email addresses and full information (commonly referred to as “Fullz” by cybercriminals) will make the victims of this leak vulnerable to other attacks, such as phishing, identity theft, and scams, long past the expiration of their card details,” Cyble stated.
Records leaked by country:
| Records | Country |
| 965846 | UNITED STATES |
| 97665 | MEXICO |
| 97003 | CHINA |
| 86313 | UNITED KINGDOM |
| 36906 | CANADA |
| 36672 | INDIA |
| 23009 | ITALY |
| 22798 | SOUTH AFRICA |
| 21361 | AUSTRALIA |
| 19700 | BRAZIL |
This is not the first time that BidenCash has used free credit card leaks as a promotion tactic. In October, the carding shop released another free dump of 1,221,551 credit cards in October. The crooks distributed the data via a clearnet domain and various other hacking and carding forums.
Roughly 30% of the leaked credit cards that were analyzed at the time turned out to be “fresh,” which could be used for financial fraud.
Similarly, All World Cards promoted itself in August 2021 by leaking 1,000,000 credit cards for free on different hacking forums.
While the exact validity of the leaked information is unknown, it is crucial to remember that it can be used for fraudulent activities. As a result, it is necessary to be vigilant and take precautions to prevent fraud, such as monitoring financial accounts and being cautious of suspicious emails or phone calls.
