A carding marketplace known as BidenCash has leaked online a free database of 2,165,700 debit and credit cards in celebration of its first anniversary.
Rather than keeping it under wraps, the threat actors advertised this massive leak on an underground cybercrime forum for more extensive reach and to attract as much attention as possible.
According to Cyble researchers who first spotted it, the leaked information is extensive, with details on “at least 740,858 credit cards, 811,676 debit cards, and 293 charge cards.”
Out of these, tens of thousands were duplicates, but there are still 2,141,564 unique ones, according to D3Lab’s Head of Threat Intelligence, Andrea Draghetti.
The dataset contains personally identifiable information such as names, emails, phone numbers, home addresses, and payment card details, including card expiration dates and CVV codes, with the cards’ expiration dates going as far out as 2052.
Draghetti told BleepingComputer that the massive database also includes roughly 497,000 unique email addresses, totaling more than 28,000 unique email domains, which could prove priceless as ammunition in future targeted phishing scams and other fraud campaigns.
“We are thrilled to have reached our first year anniversary as an online store, and we couldn’t have done it without your support! Thank you for choosing our store and for trusting us to provide you with quality products and excellent service,” BidenCash’s announcement read.
“We are proud to have you as a customer, and we look forward to continuing to serve you in the coming years. Your loyalty and trust are what motivate us to keep improving and growing our business.”
While the researchers couldn’t tell BleepingComputer how much of the information leaked online for free by BidenCash is valid, the risk of it being used by fraudsters and cybercriminals can’t be underestimated.
“The presence of email addresses and full information (commonly referred to as “Fullz” by cybercriminals) will make the victims of this leak vulnerable to other attacks, such as phishing, identity theft, and scams, long past the expiration of their card details,” Cyble said.
The carding shop has been active since February 28, 2022, reaching the fifth spot by total volume in a ranking created by threat intel firm Flashpoint.
This is also not the first time BidenCash has used free credit card leaks for promotion, seeing that such “marketing” tactics have always been a part of the carding marketplace world.
In October, the carding shop released another free dump of 1,221,551 credit cards, and, just as it happened this week, the crooks distributed it via a clearnet domain and various other hacking and carding forums.
Roughly 30% out of a random sampling of the leaked credit cards that were analyzed D3Lab at the time turned out to be “fresh” (usable for financial fraud).
Another carding marketplace, All World Cards, similarly promoted itself in August 2021 when it leaked 1,000,000 credit cards for free on various hacking forums.