Criminal marketplace BidenCash released an online database containing nearly two million payment card details.
Cybercrooks announced the leak on an underground cybercrime forum. According to the Cybernews research team, the leaked payment card details appear legitimate.
The database includes payment card numbers, expiration dates, and CVV (card verification value) numbers. However, the leak lacks other important information, usually found on payment cards, such as its owners’ names.
BidenCash has leaked credit card details in the past as well. The marketplace’s admins employ public leaks of millions of payment details as a form of advertisement, announcing the marketplace was launched or showcasing some of its services.
Criminals find many uses for stolen cards, often aiming to mask their illicit activities. Marketplaces like BidenCash provide an ample supply of stolen details. However, the gang keeps the data it wants to sell under wraps, as publicly leaked card details are less valuable for cybercriminals.
Threat actors often obtain card data using information-stealing malware or infecting point-of-sale (PoS) devices.
BidenCash first launched in June 2022. Its operators have spearheaded similar promotion campaigns: last October, BidenCash’s operators offered users a dataset containing over 1.2 million stolen cards.
Carding is an unauthorized use of stolen credit card information. It might include buying prepaid gift cards to cover criminals’ tracks, exploiting personal data, or money laundering.
The carding market encompasses two segments: selling card data in text format (card number, expiration date, cardholder’s name, address, and CVV) and card dumps (information taken from the card’s magnetic stripe).
More from Cybernews:
Subscribe to our newsletter