A recently launched underground market has circulated over 1.2 million credit cards on the dark web.
According to Bleeping Computer, the hackers behind “BidenCash” leaked the data of 1,221,551 credit cards in an attempt to recruit scammers to their site.
The illicit card market, accessible via the dark web, began online in June 2022. This particular bazaar began by exposing hundreds of credit cards.
However, in order for its services to gain popularity, BidenCash chose to provide information for over 1.2 million cards at a time.
The theft and sale of credit card information can be lucrative for those involved, as this sensitive data is usually sold in batches. After all, hackers can use the cards to purchase products, withdraw funds from accounts, or simply charge the card itself until the bank recognizes the activities are fake.
So what is the BidenCash giveaway for? The solution relies on Distributed Denial of Service (DDoS) attacks on its home domains. As a result, in order to spread the information about new service URLs, hackers provide the data for free.
They distributed the new URLs via numerous hacking and carding sites, in addition to a clearnet domain.
In terms of credit cards, the file contains cards with expiration dates ranging from 2023 to 2026. Although some of the cards belonged to non-US residents, the vast majority belonged to Americans.
Along with seemingly sensitive card-related data, the leak also includes personal information such as the cardholder’s email addresses, phone numbers and address.
According to security specialists, the majority of the 1.2 million cards come from web skimmers, which are scripts embedded in the payment pages of hacked e-commerce sites that send all submitted credit card information directly to security actors. the threat.
As stated earlier, credit card fraud is a lucrative business for thieves. Global payment fraud has grown from $9.84 billion in 2011 to $32.39 billion in 2020, according to research by Merchant Savvy.
As always, be careful when entering your account information online and contact your bank if you see any suspicious activity.