BidenCash Carding Forum Had Data Of 1.2 Million Credit Card Holders
It’s called BidenCash.
No, this is not government funding President Biden has issued to Americans to help with inflation. It’s a dark web marketplace containing information from millions of cardholders around the globe.
While everyone’s worried about the FTX Fallout and possibly a Crypto.com crash coming next, traditional finance is going overlooked.
Online scammers were able to secure debit and credit card information from over nine million people and placed the information on BidenCash. Anyone can access BidenCash on the dark web, download the card details and use it to commit fraud.
The most affected cardholders were those residing in the United States but other countries such as Brazil, Spain, Turkey, Italy, China, UK, India, Mexico and Australia were also hit.
Cyber researchers initially found BidenCash on the dark web providing a free database of 1.2 million cards in Russian. This is after 7.9 million credit cards were already sold for around 15 cents.
The following information was published: social security numbers, card numbers, CVV numbers, expiration date, bank name and card type. The cardholder’s name, address, state, ZIP code, email address and phone numbers were also exposed.
Who This Affected
Well, over nine million people for starters. But more specifically, the largest banks that were affected were American Express, Fiserv Solutions LLC and State Bank of India.
It is reported that around 508,000 debit cards were exposed–414,000 from Visa. The rest is from Mastercard.
The last reported data breach by BidenCash also revealed official emails from the Bank of Singapore, World Bank and Softbank were made public.
Carding 101
The whole process is known as “carding.”
Carding is the “sale and use of credit cards that have been stolen by malware at points of sale, magecart attacks on websites or information-stealing malware.” This criminal activity is an easy entry-level gig into the world of cybercrime. These forums give users a platform to engage in under-handed exploits.
Analysts report that carding most often happens on e-commerce sites. Scammers will hack the checkout pages with a fraudulent script and steal the customer’s information. They will then take this information to the forum world and sell it for a price.
Carding isn’t new and, apparently, it happens quite often.
“Marketplaces like BidenCash emerge frequently where the threat actors trade-sensitive card data for carding and cloning services,” said Rishika Desai, Cyber Threat Researcher at CloudSEK. “With the BidenCash group trying to gain popularity through various measures, leaking card data motivates other groups to follow the same steps.”
And other groups have followed. BidenCash isn’t the first of its kind–there are still many others out there.
Carding Forums Circulating Right No
There are carding forums illegally making money on people’s credit card information as this is written.
First and foremost, it’s important to note that all carding forums are illegal. The dark web is a place filled with illegal activities such as carding, weapons, drugs and fraud. But while these sites are definitely not recommended for most, it’s interesting to see the darkweb culture.
Legit Forums To Scammers
The Top 5 carding forums offer a variety of exploits in the open. Supposedly, scammers consider them the most legitimate, ironically, in terms of finding help for illegitimate activity.
The elite boards are Crdforum.cc, Crdclub.su, Exploit.in, Ascarding.com, leetforums.ru.
All five of these forums are ranked lowly on the trust index. Carding forums–even these most popular ones–are an enter-at-own-risk type of deal.
Illegit Forums To Scammers
And even in the world of carding forums, there are scammers. Here are five forums so bad, even scammers call them a scam: cardingforum.cx, carding.pw, ezcarder.ru, crdcrew.cc, darkwebmafias.ws.
This shouldn’t have to be said, but sites with the letters “ez” and words like “mafias” don’t sound legitimate by any standard.
Carding forums are just like any other forum–they need admins and moderators to help them run efficiently. This places individuals in positions of trust who are the last people one should trust.
The most popular stratagem for these forums is known as an exit scam. This is where those in that position of trust–admin or moderator–choose to pocket the earnings instead of fulfilling their duties.
It’s called an exit scam for one simple reason: the admin loses their reputation. They will never hold such a position again.
Scammers are also selective about who they target. If they can help it, they don’t want to alienate valuable members.
The ones behind BidenCash could have very well been using these forums to publish card information they stole. This is how they gain a larger audience: they distribute the information on carding forums.
BidenCash contains cards expiring between 2023 and 2026.
The post BidenCash Carding Forum Had Data Of 1.2 Million Credit Card Holders appeared first on Analytics Insight.
It’s called BidenCash.
No, this is not government funding President Biden has issued to Americans to help with inflation. It’s a dark web marketplace containing information from millions of cardholders around the globe.
While everyone’s worried about the FTX Fallout and possibly a Crypto.com crash coming next, traditional finance is going overlooked.
Online scammers were able to secure debit and credit card information from over nine million people and placed the information on BidenCash. Anyone can access BidenCash on the dark web, download the card details and use it to commit fraud.
The most affected cardholders were those residing in the United States but other countries such as Brazil, Spain, Turkey, Italy, China, UK, India, Mexico and Australia were also hit.
Cyber researchers initially found BidenCash on the dark web providing a free database of 1.2 million cards in Russian. This is after 7.9 million credit cards were already sold for around 15 cents.
The following information was published: social security numbers, card numbers, CVV numbers, expiration date, bank name and card type. The cardholder’s name, address, state, ZIP code, email address and phone numbers were also exposed.
Who This Affected
Well, over nine million people for starters. But more specifically, the largest banks that were affected were American Express, Fiserv Solutions LLC and State Bank of India.
It is reported that around 508,000 debit cards were exposed–414,000 from Visa. The rest is from Mastercard.
The last reported data breach by BidenCash also revealed official emails from the Bank of Singapore, World Bank and Softbank were made public.
Carding 101
The whole process is known as “carding.”
Carding is the “sale and use of credit cards that have been stolen by malware at points of sale, magecart attacks on websites or information-stealing malware.” This criminal activity is an easy entry-level gig into the world of cybercrime. These forums give users a platform to engage in under-handed exploits.
Analysts report that carding most often happens on e-commerce sites. Scammers will hack the checkout pages with a fraudulent script and steal the customer’s information. They will then take this information to the forum world and sell it for a price.
Carding isn’t new and, apparently, it happens quite often.
“Marketplaces like BidenCash emerge frequently where the threat actors trade-sensitive card data for carding and cloning services,” said Rishika Desai, Cyber Threat Researcher at CloudSEK. “With the BidenCash group trying to gain popularity through various measures, leaking card data motivates other groups to follow the same steps.”
And other groups have followed. BidenCash isn’t the first of its kind–there are still many others out there.
Carding Forums Circulating Right No
There are carding forums illegally making money on people’s credit card information as this is written.
First and foremost, it’s important to note that all carding forums are illegal. The dark web is a place filled with illegal activities such as carding, weapons, drugs and fraud. But while these sites are definitely not recommended for most, it’s interesting to see the darkweb culture.
Legit Forums To Scammers
The Top 5 carding forums offer a variety of exploits in the open. Supposedly, scammers consider them the most legitimate, ironically, in terms of finding help for illegitimate activity.
The elite boards are Crdforum.cc, Crdclub.su, Exploit.in, Ascarding.com, leetforums.ru.
All five of these forums are ranked lowly on the trust index. Carding forums–even these most popular ones–are an enter-at-own-risk type of deal.
Illegit Forums To Scammers
And even in the world of carding forums, there are scammers. Here are five forums so bad, even scammers call them a scam: cardingforum.cx, carding.pw, ezcarder.ru, crdcrew.cc, darkwebmafias.ws.
This shouldn’t have to be said, but sites with the letters “ez” and words like “mafias” don’t sound legitimate by any standard.
Carding forums are just like any other forum–they need admins and moderators to help them run efficiently. This places individuals in positions of trust who are the last people one should trust.
The most popular stratagem for these forums is known as an exit scam. This is where those in that position of trust–admin or moderator–choose to pocket the earnings instead of fulfilling their duties.
It’s called an exit scam for one simple reason: the admin loses their reputation. They will never hold such a position again.
Scammers are also selective about who they target. If they can help it, they don’t want to alienate valuable members.
The ones behind BidenCash could have very well been using these forums to publish card information they stole. This is how they gain a larger audience: they distribute the information on carding forums.
BidenCash contains cards expiring between 2023 and 2026.
The post BidenCash Carding Forum Had Data Of 1.2 Million Credit Card Holders appeared first on Analytics Insight.
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.