

Severity
High
Analysis Summary
BidenCash, a stolen credit card marketplace operating on both the dark web and clearnet, has initiated a controversial promotional strategy by distributing 1.9 million stolen credit cards for free through its platform. Launched in early 2022, the marketplace specializes in selling credit and debit card information obtained through phishing or skimming on e-commerce websites. With prices as low as $0.15 per item, BidenCash employs verification and automated checks to ensure the validity of cards listed for sale.
The platform has garnered popularity within the cybercriminal community, leveraging occasional free data dumps to enhance its notoriety and attract new members. This latest release marks the fourth instance of BidenCash offering free credit card information since October 2022, with the previous leaks comprising 1.22 million, 2 million, and 230,000 cards. In total, over 5 million stolen credit cards have been disseminated for free. The promotion raises serious concerns about the platform’s impact on online security and highlights the growing sophistication and audacity of cybercriminal activities in the digital realm.

However, examinations of the previous data releases revealed duplicates, along with invalidated or expired cards, rendering a considerable portion of the free data packs non-functional. In the current leak, the compromised data includes card numbers, expiration dates, and three-digit security codes (CVVs). While the majority of the cards have expiration dates ranging from 2025 to 2029, a few entries with expiration dates in 2023 were also identified. The actual utility of the leaked information should therefore be treated with caution and skepticism, as not all of the provided data may be valid or usable for illicit activities.

The recent leakage of card numbers, verification codes, and expiration dates poses a direct threat to cardholders, potentially leading to unauthorized online purchases and exploitation through money-mule networks. The compromised data may also be exploited in scams or attacks targeting bank employees. Although the validity of the leaked information remains unconfirmed, the platform’s historical provision of genuine data raises concerns about the potential risks.
Despite its thriving activity in 2023, BidenCash’s latest release lacks the comprehensive data quality that previously distinguished it. To mitigate the risk of payment data exposure, consumers are advised to shop from reputable retailers, use secure digital payment methods or one-time private cards, and enhance account security with two-factor authentication.
Impact
- Financial Loss
- Sensitive Information Theft
Remediation
- Use strong, unique passwords for each account.
- Enable two-factor authentication whenever possible.
- Regularly update your software, operating systems, and antivirus programs.
- Be cautious of phishing attempts and avoid clicking on suspicious links or downloading unknown attachments.
- Raise awareness among potential victims and the general public about the threat.
- Provide information on how to recognize phishing attempts, use secure online practices, and regularly monitor financial statements for unusual activities.
- Encourage individuals to adopt strong security practices, including using unique passwords for each account, enabling two-factor authentication, and updating security software regularly.
- Collaborate with e-commerce platforms and vendors to enhance security measures, implement advanced fraud detection systems, and improve user authentication processes to prevent further breaches.
- Conduct thorough cybersecurity audits for affected individuals and organizations to identify potential vulnerabilities and implement necessary security measures to prevent future incidents.
- Develop a robust incident response plan that outlines steps to take in the event of a breach. This should include procedures for containment, investigation, and notification of affected parties.
- Develop a long-term cybersecurity strategy to prevent future incidents, including investing in advanced threat detection and response capabilities.