BidenCash Market Dumps 1 Million Stolen Credit Cards on Russian Forum

BidenCash, a dark web carding marketplace known for its aggressive tactics, has leaked a fresh batch of 910,380 stolen credit card records on the Russian-language cybercrime forum XSS.

The leak, published on April 14 at 6:37 PM (UTC), includes card numbers, CVV codes, and expiration dates but lacks names or other personally identifying information. Despite the limited data set, the dump poses a clear risk for online fraud, particularly in card-not-present transactions.

This isn’t the first time BidenCash has released stolen data in bulk. The platform has a history of pushing free leaks as a way to gain attention, build credibility, or as in this case, claim enforcement of its own marketplace rules.

In March 2023, BidenCash leaked 2 million credit card details, which included cardholders’ full names, card numbers, bank details, expiration dates, CVV numbers, home addresses, and more than 500,000 email addresses.

Later, in December 2023, the marketplace released over 1.6 million credit card records containing full card numbers, expiration dates, and CVV numbers, all stored in plain text format.

In the post released alongside the leak on the Russian forum, BidenCash claimed that the data was scraped from different forums and Telegram groups throughout the past month. They stated the purpose was to showcase their so-called “anti-public system,” an internal process designed to identify and remove already-circulated cards from their marketplace.

“Once again, we will show the results of our anti-public system’s work. These are the data collected from various chats and forums over the course of a month. The cards that were found on our platform for sale have been removed, and the suppliers were fined for each card found.”
BidenCash

In other words, BidenCash is presenting this leak as a type of audit. If any vendor was caught selling cards that were already in circulation, those listings were taken down, and the sellers were penalised.

It’s an attempt at quality control, but it also functions as a promotional move. By dropping a massive dataset for free, they increase visibility among carders and lure traffic back to the site.

BidenCash Market Leaks 99,000 Stolen Credit Cards on Russian Forum — BidenCash admin on XSS forum (Image credit: Hackread.com)

While the leak doesn’t contain names, the exposed card data is far from harmless. Criminals often pair such datasets with other breached information or use them in automated testing tools to conduct fraud. The absence of names may help these records bypass some fraud detection systems that match identity data.

Cybercriminals can also filter the list by BIN (Bank Identification Number) to target specific banks or regions. At the time of writing, there has been no public confirmation about which banks are affected or how many of the cards are still active.

Context and Risks

BidenCash has been around since early 2022, acting as a hub for selling stolen credit card information. A lot of these markets pop up and vanish, but this one’s stuck around mostly because it tries to keep its listings in check and claims to kick out duplicate or outdated data.

This new leak seems like more than just a giveaway. It’s a way for them to show they’re still active, keeping tabs on their sellers, and making noise to stay relevant. While the data doesn’t contain names or email addresses, the exposed card info can still be misused. If you’re concerned about your payment card data exposure, do this:

Set up alerts for unusual charges

Monitor your bank statements closely

Use virtual cards for online purchases when possible

Consider requesting a new card if suspicious activity arises