2.1M Cardholders in Danger as Hackers Celebrate Anniversary

And what does Joe Biden have to do with it?

The president of the USA, indeed, has nothing to do with it. However, he is, apparently, very much loved by the cyber criminals, so they have called a darknet market after him. The operators of the carding website called “BidenCash” have marked the first anniversary of their platform with a massive leak of compromised bank card data. In celebration of such a “milestone,” the site’s administrators posted a file containing information on 2.1 million compromised bank cards on a hack forum.

For those unfamiliar, BidenCash was launched on February, 28 2022 and quickly gained notoriety for a similar stunt. The site’s operators distributed a CSV file containing names, addresses, phone numbers, email addresses, and bank card numbers to anyone who wanted it, free of charge, in an effort to promote their platform. At the time, the dump contained data on approximately 6,600 bank cards, with around 1,300 of them being valid and new. Here at Kaduu we still keep this file and you can check with our service if your bank card number has been breached.

Photo by Alexander Grey

The carding website’s administration held another free card giveaway in the fall of 2022 as part of a promotional campaign to attract new users. At that time, the dump contained information on 1.2 million cards from around the world with an expiration date between 2023 and 2026.

The data was mostly obtained through web skimmers, which are malicious scripts that hackers inject into checkout pages on online stores. These scripts steal information about bank cards and other user data.

The “birthday gift”

This Tuesday, the Kaduu team has came across a new post, made by the BidenCash operators. The carding website decided to celebrate a year after launch with a new breach. The new anniversary dump includes the cardholder’s name and address, as well as personal financial data such as the card’s full number, expiration date, CVV number, and bank name.

Screenshot of BidenCash website made by Kaduu Team

As we analysed the file we noticed, that most of the leaked cards will expire in 2023 (some have already expired the day of publication). Half of the cards belonged to individuals or legal entities in the United States, while approximately 5% were stolen from users in China and the United Kingdom.

It’s worth noting that, while BidenCash is one of the top five carding stores in terms of the number of cards.

Credit card fraud is a serious issue that costs businesses and individuals billions of dollars every year. Despite advances in technology, criminals continue to find ways to steal credit card data and use it for illegal activities. Consumers can protect themselves by regularly monitoring their accounts for suspicious activity and by taking steps to secure their personal information online. Businesses can protect themselves by implementing robust security measures, such as encryption and two-factor authentication, to prevent data breaches and other security incidents.

If you liked this article, we advise you to read our previous article about a security breach at Activision Blizzard. Follow us on Twitter and LinkedIn for more content.

Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.