A darkweb website known as “BidenCash” released more than 2 million credit and debit card numbers and details, security researchers have warned.
Screenshots of the BidenCash website, reviewed by The Epoch Times, show that “more than 2 million credit cards” are being released because of its one-year anniversary. The website, reportedly run by Russian-speaking cybercriminals, uses President Joe Biden’s name and likeness and, according to the screengrab, signed off in broken English: “Sincerely, yours Joe Biden.”
Threat research website Cyble wrote that “the data within the leak included Personally Identifiable Information such as names, emails, phone numbers, home addresses, and the main offering: payment card numbers, expiration dates, and CVV codes, with the expiration dates ranging from early 2023 up to 2052.”
“This leak contained at least 740,858 credit cards, 811,676 debit cards, and 293 charge cards,” according to a blog post dated March 1. “The inherent risk is higher for debit card holders than credit card holders, due to different fraud protection.”
⚠️ #BidenCash Store has shared a third credit card dump of over 2 million users!
ℹ️ These cards mainly come from web skimmers!
? The archive contains: PAN, CVV2, Expiration Date, Name, Surname, Shipping Address and Email!
We are analyzing the data, more details soon! pic.twitter.com/13yLekTyDv
— D3Lab (@D3LabIT) March 1, 2023
An analysis provided by Cyble shows that the majority of the debit and credit card records come from the United States. There are also sizable numbers of leaked credit card numbers and details from Mexico, China, and the United Kingdom.
The top five most impacted banks are Chase, Bank of America, and Wells Fargo, Capitol One, and Citibank, the researchers noted. However, some 1.6 million were listed as “others.”
“The presence of email addresses and full information (commonly referred to as ‘Fullz’ by cybercriminals) will make the victims of this leak vulnerable to other attacks, such as phishing, identity theft, and scams, long past the expiration of their card details,” wrote Cyble’s researchers.
As of Monday morning, none of the five banks have issued statements on the purported leaked card information.
“Threat Actors routinely utilize stolen credit cards for fraud by purchasing them from carding marketplaces, as we have seen in the examples of BidenCash,” the researchers wrote. “However, the availability of these cards for free will enable bad actors to commit more fraudulent activities. Banking institutions should monitor the dark web for these leaks and fraudulent activities to prevent fraud proactively.”
Andrea Draghetti, a researcher with D3Lab, wrote last week that the BidenCash leak’s data contains tens of thousands of duplicate entries. However, he noted that about 2,141,564 card entries are unique. His firm noted that the card numbers and other details often are sourced from illicit “web skimmers.”
Last week’s dump isn’t the first time BidenCash has leaked card data. In October, it dumped 1,221,551 credit card details in October to promote its new URL after it was targeted in a DDoS, or distributed denial-of-service, attack, according to TechSpot.
“BidenCash has done this twice before to market their dark web shop, so we believe it’s just a clever marketing strategy,” Ilya Volovik, a researcher on payment fraud with Insikt Group, told The Record. “I believe we will be seeing carding increase as Russia is sinking economically and politically” because of the Russia-Ukraine war and the punishing Western sanctions, Volovik noted. “The shadow economy that prevailed in Russia in the 1990s-2000s will return.”
Security researchers say that one of the best ways to protect against fraudulent activity or identity theft is to frequently check their credit or debit card activity, sign up for credit or debit card alerts, and install strong antivirus software on all their devices.
From The Epoch Times