HQ/EMEAFind out how we can help your business
BidenCash, a dark web marketplace that surfaced in early 2022, has raised concerns among cybersecurity experts after leaking 1.9 million stolen credit cards for free. The platform specialises in selling credit and debit card information obtained through phishing or skimming on e-commerce websites.
The marketplace’s pricing structure allows cybercriminals to buy stolen card data for as low as $0.15 per item. Utilising verification and automated checks, BidenCash ensures the validity of the cards listed on its platform, contributing to its rising popularity among cybercriminals.
The leaked data from BidenCash poses a direct risk to valid cardholders.
The leaked data includes critical card information such as card numbers, expiration dates, and CVVs. While most expiration dates reviewed extend from 2025 to 2029, a few expired entries from 2023 were also identified.
This issue poses a direct risk to the holders of valid cards, as the leaked information can be exploited for online purchases and channelling funds through money-mule networks.
Notably, this release lacks comprehensive data quality compared to BidenCash’s previous exposures. Unlike a March incident that included individuals’ full details and banking information, the current leak excludes names and email addresses, limiting the risk of various fraudulent activities.
Further, the validity of the leaked data remains unconfirmed, raising the possibility of auto-generated fake entries that may not match real cards. Despite uncertainties, BidenCash has been recognised for facilitating the trade and exposure of card details from countries such as India, Canada, Mexico, China, the US, and the UK.
Security researchers also note that this recent release marks the platform’s fourth credit card dump since October 2022, bringing the total to over 5 million cards leaked for free. Previous dumps, ranging from 230,000 to 2 million cards, were analysed to contain duplicates, invalidated, or expired cards, rendering a significant percentage of them useless.
People must exercise caution and vigilance, as the leaked set could be exploited in scams or other attacks targeting bank employees. Consumers are advised to shop from trusted vendors, utilise digital payment methods, and enhance account security with multi-factor authentication to mitigate the risk of payment data exposure.
Despite potential risks, BidenCash has maintained itself as an active data and money exchange platform. As law enforcement agencies and cybersecurity analysts investigate the origins of the stolen data, individuals are urged to remain vigilant against potential scams that aim to target them.
