The cybercrime economy continues to wreak havoc on unsuspecting card holders. In their latest illicit operation, BidenCash, a dark web marketplace leaked information on two million credit cards, most of them issued in the U.S. The last leak occurred in October 2022, where a reported 1.2 million in credit card information was released.
Marketing … With a Twist
While legitimate businesses often give discounts or promotions when celebrating an anniversary, BidenCash has offered its own version of a giveaway in the form of stolen personal financial details, including cardholders’ complete names, credit card numbers, and bank information. For any seasoned hacker, this information is gold when it comes to facilitating digital transactions.
Carding, the term used to describe a type of credit card fraud, is where a stolen credit card is used in order to charge prepaid cards. By purchasing a prepaid gift card, criminals can cover their tracks, engage in money laundering, or abuse personal information.
According to Cyber News, there are two segments of the carding market: the selling of the data in a text format, which includes the cardholder’s name, the card number, and the expiration date. The second is in the form of card dumps, which is information that has been derived from the card’s magnetic stripe.
As a key player in the cybercrime economy, BidenCash enables bad actors to use these stolen credit cards to conceal their illegal activities. As far as how this sensitive information gets stolen, two methods exist: data stealing malware and point-of-sale devices.
According to the Cyber News research team, the dataset contains credit card information from all over the world. Cards that were issued in the U.S. were the most impacted, followed by China, Mexico, India, Canada, and the UK.
What Now?
Although cyber police have shut down other similar operations in this space, BidenCash has grown to become a dominant player in the stolen credit card marketplace. For businesses and financial institutions alike, the battle continues to secure personal credit card information.
“Fraudsters move quickly,” said Brian Riley, Director of Credit and Co-Head of Payments at Javelin Strategy & Research. “As innovations make life easier for consumers, fraudsters will quickly follow to take advantage of vulnerabilities that often get missed or minimized in development. Remember Alberto Gonzalez, the mastermind of the TJX breach?”
“With BidenCash, we have a new spin on an old trick: a marketplace for bad players,” he said. “Keep your eyes open, and remember, the easier we make things for customers, the more channels we open to fraud.”
