June 21, 2022

A new carding site called ‘BidenCash’ is currently earning notoriety for leaking credit card details together with information about their owners and selling these for as low as 15 cents.

The platform began operating in April but kept its offerings lowkey because its infrastructure then was not ready to cater to large-scale operations.

Last June 16, BidenCash admins leaked a CSV file containing names, addresses, telephone numbers, emails, and credit card numbers for free to advertise their platform.

The leaked file has close to eight million lines but not all contain credit card details. As per Italian cybersecurity firm D3Lab, the database contains about 6,600 credit cards.

From the list, there are some 1,300 new and valid credit cards, most of them issued by VISA and owned by U.S.-based customers.

The leaked file also contains over three million unique email addresses that could be used for phishing and hijacking of accounts.

Carding sites have always been a lucrative business for cybercriminals.  The data found on these sites is stolen via planting web skimmers on online shops to steal payment details from customers as well as other illegal methods.

BidenCash also contains a filtering system, enabling cybercriminals to locate stolen cards suitable for their operations by searching for specific countries, banks, or entries that have the details they need such as CVV, email, address, card type, or cardholder name.

Card holders are urged to pay close attention to charges made on their cards and immediately report any suspicious activity to their bank. Furthermore, adding protections like validating certain purchases or setting up charging limits are excellent ways to stop cybercriminals from using stolen cards.

For more information, read the original story in Bleepingcomputer.