A recently launched underground marketplace has circulated over 1.2 million credit cards on the dark web.
According to Bleeping Computer, the hackers behind ‘BidenCash’ have leaked the data of 1,221,551 credit cards in an effort to recruit crooks to their site.
The illicit carding market, which is accessible via the dark web, started online in June 2022. This particular bazaar began by exposing hundreds of credit cards.
However, in order for its services to gain popularity, BidenCash chose to provide information for over 1.2 million cards all at once.
Stealing and selling credit card information may be lucrative for the persons involved, as such sensitive data is typically sold in batches. After all, hackers can use the cards to purchase products, withdraw funds from accounts, or just charge the card itself until the bank recognises the activities are false.
So, what’s the point of BidenCash’s freebie? The solution rests in distributed denial of service (DDoS) assaults on its originating domains. As a result, in order to spread the news about new URLs for the service, the hackers are giving the data for free.
They distributed the new URLs via numerous hacking and carding sites, in addition to a clearnet domain.
In terms of credit cards, the file contains cards with expiry dates ranging from 2023 to 2026. Although some of the cards belonged to non-US residents, the vast majority belonged to Americans.
Along with the apparent sensitive data linked to the cards, the leak also includes personal information such as email addresses, phone numbers, and the cardholder’s address.
According to security specialists, the majority of the 1.2 million cards come from web skimmers, which are scripts embedded on checkout pages of hijacked e-commerce sites that send any credit card information submitted straight to the threat actors.
As previously said, credit card fraud is a lucrative business for thieves. Global payments fraud has climbed from $9.84 billion in 2011 to a startling $32.39 billion in 2020, according to Merchant Savvy research.
As usual, be cautious when inputting your account information online, and contact your bank if you see any suspicious activity.
- 1 million Kashmir University Students & Teachers’ Data ‘hacked, put on sale’ on Dark Web
- SpaceX engineer found guilty of selling insider information on the dark web
- Russian hackers put the PIA network and database up for sale on the dark web