Card Shop Threat Landscape: BidenCash Dumps 2.1M Stolen Credit Cards

Flashpoint intelligence reports that BidenCash, a prominent Russian-speaking card shop, released 2.1 million stolen credit card records to celebrate its one-year anniversary. The dump, distributed on the XSS darknet forum, includes full PII such as names, addresses, and CVV numbers. Approximately 50% of the compromised cards belong to US-based entities, with 70% expiring in 2023. This move aims to attract new customers amidst competitive pressure following the closure of rivals like Joker's Stash and Russian law enforcement takedowns of other markets. While the viability of these cards may be limited due to expiration or fraud flags, the release signifies ongoing volatility in the carding landscape. Organizations should enhance fraud detection mechanisms, monitor darknet markets for leaked credentials, and enforce strict transaction verification to mitigate financial losses associated with this large-scale data compromise.

What we know about the most recent BidenCash dump, and what it means in the context of the greater card shop threat landscape. The post Card Shop Threat Landscape: BidenCash Dumps 2.1M Stolen Credit Cards appeared first on Flashpoint .

Flashpoint intelligence reports that BidenCash, a prominent Russian-speaking card shop, released 2.1 million stolen credit card records to celebrate its one-year anniversary. The dump, distributed on the XSS darknet forum, includes full PII such as names, addresses, and CVV numbers. Approximately 50% of the compromised cards belong to US-based entities, with 70% expiring in 2023. This move aims to attract new customers amidst competitive pressure following the closure of rivals like Joker's Stash and Russian law enforcement takedowns of other markets. While the viability of these cards may be limited due to expiration or fraud flags, the release signifies ongoing volatility in the carding landscape. Organizations should enhance fraud detection mechanisms, monitor darknet markets for leaked credentials, and enforce strict transaction verification to mitigate financial losses associated with this large-scale data compromise. What we know about the most recent BidenCash dump, and what it means in the context of the greater card shop threat landscape. The post Card Shop Threat Landscape: BidenCash Dumps 2.1M Stolen Credit Cards appeared first on Flashpoint . Blogs Blog Card Shop Threat Landscape: BidenCash Dumps 2.1M Stolen Credit Cards What we know about the most recent BidenCash dump, and what it means in the context of the greater card shop threat landscape SHARE THIS: Flashpoint Intel Team March 2, 2023 Table Of Contents Table of Contents What BidenCash has shared Initial findings Not the first BidenCash release BidenCash vs. The Competition Fight card fraud More subscribe to our newsletter What BidenCash has shared On February 28, 2023, card shop BidenCash announced its one-year anniversary. To commemorate the event, the administrators of BidenCash shared a text file of 2.1 million compromised credit cards for free on a top-tier Russian-speaking darknet forum XSS. Here’s what we know about the most recent BidenCash dump, and what this means in the context of the greater card shop threat landscape. Initial findings Our initial findings indicate that the text file with the credit card numbers contains a host of personally identifiable information (PII), including the cardholder’s name and address as well as private financial data such as the full card number, expiration date, CVV number, and bank name. Additionally, about 70% of the cards have expiration dates in 2023; 50% of the cards belong to US-based people or entities; while fewer than 5% of them are based in China and the UK. While BidenCash currently ranks in the top-5 card shops by total volume (above), quality (the viability of the cards) always trumps the quantity (total number of cards). BidenCash’s release is one of the largest observed in the last year, where a typical release is somewhere in the ballpark of 40,000 stolen credit cards. Like any offering of free samples, the goal is to attract new customers to the storefront. The actual mileage on those credit cards may be limited, as they are approaching expiration, or have likely been already flagged for fraud by financial institutions. Not the first BidenCash release BidenCash has previously released large compromised card dumps to gauge interest in its card shop. For example, on June 16, 2022, BidenCash card shop released a database with information of 7.9 million individuals on the top-tier Russian-language forum XSS. The Great Cyber Exit: Why the Number of Illicit Marketplaces Is Dwindling Read the blog On August 2, 2021, another card shop AllWorldCards announced on XSS the release of 1,000,000 credit cards for free. The data contained in these records included full credit card numbers, expiration dates, CVVs, and in some cases other PII, including country, state, city, address, zip code, email, phone number). BidenCash vs. The competition Since the official closure of Joker’s Stash on February 15, 2021, several card shops have attempted to earn the title of “top card shop,” with Telegram-based shops increasingly conquering market share from more traditional web-based shops. BidenCash is currently a mid- to-top-tier card shop in terms of volume and popularity with threat actors. The shop has managed to steadily increase the volume of cards sold through its platform throughout 2022 and the shop’s giveaway of free credit cards likely constitutes a push to increase its popularity in a still-malleable market. BidenCash launched on April 27, 2022, shortly after Russian authorities seized a number of illicit card shops, including Forum, Trump Dumps, and UniCC, along with the carding forum Sky-Fraud and Remote Desktop Protocol access shop UAS . These cybercrime-related takedowns—which represent one of the last actions of Russian authorities in the cybercrime realm before its military 2022 invasion of Ukraine—launched significant movements in the market of credit card shops, as new or emergent card shops breathed fresh competition into the illicit landscape. Fight card fraud with Flashpoint With...