BidenCash Sells Stolen US Credit Cards

Leak Sites Offer Free Stolen Visa Credit Cards

President Joe Biden tends to be trending on the dark web in recent days. On the deep web, criminals have created a website using the US leader’s name in one of the newest scams that mostly target American citizens. Recently, the new website site named ‘BidenCash’ popped up and has rapidly gained prominence among dark web hacking communities.

This site, according to security analysts, is notorious for its activities with stolen credit cards. Thus, the site prominently features exposed credit card information, but not only that, criminals can tap into a treasure trove of documents that provide information about the owners of the stolen credit cards.

Investigators tracking the BidenCash platform revealed that it was launched in April, however, at that time; it provides just a limited amount of resources. According to the researchers, it seems it was unable to support the large amount of traffic it would draw from criminal hackers on the hunt for new resources to carry out their scams.

6,600 Live Credit Cards in Free Giveaway

With its limited infrastructure unable to support its large-scale scamming operations, the threat actors decided to offer free information to quickly promote the site in the hacking communities. Reportedly, on June 16, 2022, BidenCash gave out free info to criminal hackers, who received a CSV file comprising names, addresses, phone numbers, emails, and credit card details of newly targeted victims.

The Italian cyber security team from D3Lab has been tracking the BidenCash operators and stated that the highly promoted database only contains approximately 6,600 stolen credit card numbers. However, the free CVS file consisted of about eight million lines but most of them contains blank information.

Furthermore, the cyber security analysts revealed that the file contains approximately 1,300 VISA cards. They also noted that these were all newly received and genuine credit cards tracked to US individuals.

In addition, the free CVS file has more than three million emails belonging to mostly American citizens. It’s expected that the majority these stolen credit cards are expected to be used for account hijacking and the popular phishing scams, which hackers often utilized to find and target new victims.

Hackers ‘Leaking Cards’ Scam

The practice is called ‘leaking cards’ with the majority often used for promotion; it is a popular way for dark web hackers to boost their illicit operations. Over time, it has become a frequent tool used in hacking groups. Between 2018 and 2019, another dark website called ‘All World Cards’ boosted its promotion by distributing one million stolen cards.

BidenCash shop is just one of the latest carding sites to have popped up in 2022, they have been popular on dark web marketplaces for the last decade. Analytical reports documented that carding sites are a very profitable business model often utilized by cyber criminals. Quite frequently these illicit websites provide a market for stolen cards, which hackers used to purchase genuine services for scamming operations.

BidenCash operates similar to other carding sites with validity ratings for new sales. With this scenario, 20 cards are in each random batch where the score is randomly calculated and checked for any changes. Thus, the validity rate must remain constant, but if significant changes are found that card is removed from the new sales batch.

Accordingly, the BidenCash filtering engine helps threat actors find the right stolen credit cards to use in a specific campaign. Criminal hackers are able to target victims from specified regions, and even banks. Some filtered entries provide the hackers with credit cards’ CVV, card type, and the name of the cardholder, as well as their email addresses and even home addresses.

Credit Card Fraud Protection

Cardholders must track their daily spending and watch for any changes on their accounts. They must quickly notify their respective banks of any unusual activity. It is also wise to add authentication safeguards whereby they have to be contacted about specific transactions. In addition, setting charging limits on their accounts are some of the most effective ways to prevent criminal hacker from targeting them.

There are also some very effective methods that banks use to prevent threat actors from utilizing stolen cards. Some financial institutions offer virtual cards, and single-use debit cards that are only good for single purchases.

Finally, utilize MFA (Multi Factor Authentication to secure your online account and enable crucial notifications through emails and SMS alerts.