BidenCash is a newly detected website that publicly and illegally sells stolen credit cards.

Biden’s name tells you something since it is named after the current US President, Joe Biden. This may be due to the authority the name implies, or perhaps as a form of mockery towards the president.

A recently created credit card website known as “BidenCash” is trying to gain notoriety by leaking sensitive credit card information from the hacked identities they have.

At the end of April, the platform was initially set up, but its offerings were initially kept at a lower level because the platform’s infrastructure was not yet ready to support large-scale operations. ladder.

On June 16, BidenCash administrators came to the conclusion that the best way to promote their website was to give away a free CSV file containing credit card numbers, addresses, names, phone numbers, and emails. -mails.

BidenCash

BidenCash also provides a validity rating for new sales, with the score being constructed after evaluating 20 random cards from a new batch of sales. According to BleepingComputer, each new listing is revisited once a week for a new validity check, and if the rating changes significantly, the listing is removed from the directory entirely.

BidenCash also has a filtering system that allows threat actors to locate stolen cards suitable for their campaigns. They can do this by searching for specific countries, banks, or entries containing the details they need, such as card type, cardholder name, CVV, email, and address. .

In a test conducted by BleepingComputer, it was discovered that online shoppers can purchase credit cards for as little as $0.15 each. The file contains nearly 8 million lines in total, but not all of them contain credit card information. D3Lab, an Italian cybersecurity firm, estimates the database contains around 6,600 credit cards.

The collection, however, contains over three million unique email addresses that could be used for phishing and theft of various accounts.

The practice of disclosing cards for promotional purposes is a common method used to increase transactions. A website of the same name, “All World Cards”, carried out the same action during the summer of 2018, releasing a million stolen cards between the years 2018 and 2019.

Read also: New Google Chrome extension hides location data that could leak even when using a VPN

BidenCash Stolen Credit Cards

BidenCash has also been tested by D3Lab. On June 16, the malicious website uploaded a document containing a plethora of personal information about credit card owners.

The CVS file with 7,948,862 lines includes information such as credit card number, credit card type and circuit, phone number, name, email and address.

D3Lab is able to obtain the following statistics by performing analysis on its Threat Intelligence Platform on over 1200 newly issued credit cards:

  • The United States of America has the highest number of credit cards involved, with 631, followed by Brazil with 129, England with 142 and Italy with 17 cards.

  • The majority of these credit cards belong to the Visa circuit (777 to be exact), while Mastercard has 36 and Discover has 19;

  • JP Morgan is the most involved issuer with 93 cards, followed by Bank of America and Capital One Bank as the most involved issuers.

According to the company’s analysis, “We have analyzed the published dataset and verified the data contained, not only the credit cards are true. The information (telephone number, e-mail and address) of Italian users mentioned are also correct.”

Related article: Flagstar Bank reveals that 1.5 million customers were affected by a data breach