The carder darknet resource BidenCash again staged a high-profile “advertising campaign”. The site administration published a huge dump containing information about 1,221,551 bank cards for free, allowing anyone to download this data.
Let me remind you that the BidenCash website was launched in the spring of 2022 and almost immediately announced itself with a similar action: BidenCash operators decided to distribute a CSV file containing names, addresses, phone numbers, email addresses and bank card numbers to everyone for free, and thus advertise your platform. Then the experts reported that data about 6600 bank cards can be found in the dump, and about 1300 of them are new and valid cards.
As Bleeping Computer now reports, carders have begun a new, larger promotion, apparently designed to advertise new site URLs launched after the powerful DDoS attacks that BidenCash suffered last month.
To ensure a wider reach, scammers are promoting the new free map dump even on the open web and other hacker and carder forums. According to Cyble researchers, in total, the dump contains information about 1.2 million cards from around the world, with a validity period between 2023 and 2026. Most seem to belong to US users.
For most maps, the following data types are available:
- Card number;
- validity;
- CVV number;
- Owner’s name;
- Name of the bank;
- card type, status and class;
- owner’s address (state and zip code);
- E-mail address;
- social Security number;
- phone number.
Analysts believe that most of the card data was obtained from web skimmers: malicious scripts that hackers inject into the checkout pages of online stores. Such scripts steal information about bank cards and other user data.
Since dumps of this size are usually fakes on the dark web (outright fakes or old dumps with reworked data that epackaged under a new name), Bleeping Computer journalists carefully studied this “drain” together with analysts from the information security company D3Lab.
Unfortunately, the researchers confirmed that the data from several Italian banks is real, and the leaked records correspond to the real cards and their owners. However, most of the dump still turned out to be reworked and compiled from other leaks, for example, from the old dump of the All World Cards marketplace, which previously also distributed cards for free to everyone.
Judging by the sample studied by D3Labs experts, about 30% of the cards turned out to be “fresh”. If this result is extrapolated to the entire dump, about 350,000 cards distributed by the attackers may turn out to be valid. At the same time, the researchers say that approximately 50% of Italian cards may already be blocked, as issuing banks have detected fraudulent activity. This means that only about 10% of this leak may be of value to hackers.