Darknet market BidenCash gives away 1.2 million credit cards

10/18/2022Darknet News

In an effort to establish itself, the “BidenCash” dark web marketplace is giving away 1.2 million stolen credit cards, some of which have additional sensitive data (such as Social Security numbers) attached.

The nascent dark web marketplace started aggressively marketing itself in June. Prior to that, it had released a dump of credit card data that had been stolen as an introductory advertising strategy, though it only involved a small number of numbers. Most of the numbers are from the United States, and roughly 30% of the collection are numbers that have never been seen before, according to security analysts. However, many of the numbers have been blocked by banks, and only a small portion of the dump may still be useful. Free cards are sent as part of a dark web marketplace promotion, but many of the numbers are already blacklisted.

A recognizable scheme

A total of 1,221,551 of the stolen credit cards were released for public inspection via a dark web marketplace that sells them. Security experts who have examined the dump, however, think that a significant portion of it originates from a similar scheme that was pulled off the previous year: in August 2021, a dark web store named AllWorld Cards revealed nearly a million cards that had been stolen between 2018 and 2019.

According to researchers, the majority of the BidenCash release is made up of reused data from that and other past data breaches that were already circulating online. However, a portion of this release—roughly 30% (350,000)—contains more newly stolen credit cards that haven’t been seen previously. About 70% of the cards are “fulls,” meaning they have all the information required to make online purchases, and the majority of them have expiration dates between 2023 and 2026. (such as the CVV number on the back of the card). Unknown numbers of cards contain additional personal data tied to them, such as phone numbers and email addresses, and some even have US Social Security numbers.

AmEx among the favorites

The dark web market is known to trade in information that has been stolen through malware that attacks point-of-sale systems at retail locations or virtual shopping cart systems at e-commerce websites, but no single source for all of this new information has been found. According to one article, “web skimmers,” or software inserted into the checkout pages of compromised websites that steal the entering payment information as the transaction goes through, gathered the stolen credit cards. Most of the cards are from the United States, with a few from a dozen or so other nations in Europe, Asia, Africa, and South America. American Express accounts for 53% of the cards, the majority of which are issued in the US.

The dark web marketplace did not give a particular explanation for their apparent generosity, but it’s possible that the marketing ploy was made in response to a DDoS attack that recently took down one of the marketplace’s former domains. The company is probably attempting to draw attention to its new store domains as soon as possible. Not just through one of its own domains, but also through posts on several carding and hacking forums, the stolen credit cards were made public.

Dark web marketplaces typically maintain an inventory of several million card numbers at any given time, which provides an indication of the scale of the online market for stolen credit cards. These typically cost between 30 cents to $15 USD. As can be seen on the BidenCash website, they frequently offer a separate area for more expensive “hot” cards that have just recently been confirmed to work and cost $5 or more per number or more. In an effort to get the cardholder to miss the unusual transactions before it’s too late, stolen credit cards are typically tested with a series of small-ticket purchases.

Not many carding websites are this large, but in a matter of months, BidenCash was able to amass an inventory of more than two million stolen cards (with the capacity to distribute another million or more). Another sector of cybercrime that had a significant uptick in activity as a result of the Covid-19 epidemic and related lockdown measures saw activity spike from $28 billion in 2019 to $32 billion in 2020, more than tripling from the little less than $10 billion reported in 2011. The US is by far the most often targeted nation, accounting for nearly a third of all credit card theft traffic, although there is increasing interest in populous nations with developing economies like India and Brazil.