Now, even hackers are taking a page out of big advertising’s playbook to promote their ill-gotten personal financial details. Over the weekend, the stolen credit card marketplace called BidenCash announced they were offering a free giveaway of 1,221,551 credit cards, promoting the leak on multiple other sites.
As the local dealers say, the first hit is free, though in this case such a leak could have meant free money for any user who managed to snag a card. Researchers are still looking into the leak, but early reports show many of the cards could have already been reported to the card issuers.
As detailed in a Saturday report from Bleeping Computer, BidenCash first came onto the scene in June this year when they leaked several thousand credit card details for free online. If the number of credit cards from this latest release are still active, it would point to the site blossoming over the course of just a few months, as well as just how prolific online credit card theft has become. This also isn’t even the first massive credit card leak of its kind. Last year, another hacker credit card shop All World Cards released over 1 million card details online.
The 1.2 million credit card details also contain the associated personal information any hacker would need in order to facilitate digital transactions, including the person’s name, bank name, social security number, email, phone number, and address, according to multiple reports and leaked screenshots.
The credit cards could come from multiple sources, including from malware forced into online shops, individual user malware attacks, or from breaches of companies who store credit card info. Cyber security firm D3Lab wrote that most of this card info comes from web skimmers, otherwise known as magecart attacks where hackers inject malware code into a website, allowing them to extract data from typical HTML forms people use to fill in personal or credit card details..
⚠️ #BidenCash after 4 months shared a new credit card dump of over 1 million users!
ℹ️ These cards mainly come from web skimmers!
🚨 The archive contains: PAN, CVV2, Expiration date, Name, Surname, Shipping Address and Email!
We are analyzing the data, more details soon! pic.twitter.com/bR1NuNdeSF
— D3Lab (@D3LabIT) October 7, 2022
Cyber security researchers at Cyble wrote the majority of the 1.2 million cards were from U.S. users. The majority of those cards, 53% to be exact, were from American Express. Gizmodo reached out to the bank to ask whether those cards have been terminated and if any had been used for fraudulent transactions since the card numbers were released, but we did not immediately hear back. Other card issuers included the likes of Wells Fargo Bank, U.S. Bank, and Bank of America.
Since the details of the credit cards were freely available online, it’s likely the card issuers have already been informed about the leak, though it remains unclear how many people could have had their credit cards used in that time. Bleeping Computer reported that D3Labs — itself a company based in Italy — had analysed some of those cards and determined 30% were still active, though many cards could have been listed in the previous All World Cards dump, and many others could have already been blocked.
Gizmodo reached out to D3Labs and we’ll update this post if we hear more.
According to Cyble, BidenCash came onto the scene as a small player back in 2021, but after other major illicit shops retired or were shut down by cyber cops, BidenCash came onto the scene and used its big marketing push to establish itself as a dominant force in the world of ill-gotten credit cards.
And what does the “Biden” in the hackers’ web name point to? Nothing, really. Past credit card dump shops included the likes of Joker Stash, Ferum Stash, and “Trump Dump.” Companies, including big banks, have routinely failed to prevent major breaches that steal users’ credit card information.