This article outlines the components of the data dump and the potential danger to the organizations and victims affected.
Analysis
The researcher acquired the shared file and went over the data. It is estimated that 2.1 million cards consisting of debit, credit, and charge cards are present. The file is a CSV text document with each column divided by the ‘|’ symbol. Every row has the entire card number, expiration date, and CVV. Moreover, a row may include the bank information and the card owner’s details. An attacker can exploit this information to commit fraud and to carry out follow-on attacks such as spear phishing, account takeover, or fraudulent applications.
Below are the fields in the column.
Our investigation reveals that the United States has the largest number of cards in the dump. The list of the top 5 countries with the most cards is given below.
More than 75% of the cards expired this year (2023). More than half of the cards are debit cards. Approximately 1 million cards have a registered owner address, while 600 thousand contain both an address and phone number. The table below provides a breakdown of the top ten email providers.
Risks & Mitigation
Now that the data dump is freely available on the underground forum, fraudsters may gain access to it and use it to their advantage. The immediate risk is that these individuals can use the stolen credit card information to commit fraud, such as making unauthorized purchases on online platforms. However, the longer-term and more significant risk is to the one million victims whose information is listed in the dump. Since fraudsters know where these victims bank, they can exploit this information to perform social engineering attacks and take over their accounts, potentially causing significant financial harm to these individuals. Below are some of the risks.
Summary
The source of the content released by BidenCash remains unknown. It is unclear whether they obtained the data through phishing campaigns, hacked databases, or malware stealers. The release of this information has a significant impact on the affected users, not just the financial institutions. In the short term, it is crucial to protect the impacted users by disabling their cards to reduce the risk of fraudulent activity. However, the users whose cards are listed in the dump remain vulnerable to long-term attacks, ranging from spear-phishing to social engineering. To ensure no future loss, extra measures are required. Given that the BidenCash group was willing to release 2.1 million cards for free, it raises the question of how many cards they may still have in their possession.
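The short-term step described above (disabling impacted cards) and the longer-term exposure of owners whose details appear in the dump can both be triaged from the '|'-delimited file itself. The following is an added example, not code from the original article; the column order, the BIN prefixes, and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample in the '|'-delimited layout described above. Column order
# is an assumption; the card numbers are public test numbers, not real cards.
SAMPLE = """\
4111111111111111|12/2023|123|Example Bank|Jane Doe|1 Main St|555-0100|jane@example.com
5555555555554444|03/2022|456|Other Bank|John Roe|||
4111111111111112|01/2025|789|Example Bank|Bad Luhn|||
4012888888881881|01/2023|321|Example Bank|Ann Poe|||
"""
FIELDS = ["pan", "exp", "cvv", "bank", "name", "address", "phone", "email"]
OUR_BINS = ("411111", "401288")  # hypothetical BIN prefixes for the issuer


def luhn_ok(pan: str) -> bool:
    """Luhn checksum; filters junk rows that are not plausible card numbers."""
    if not pan.isdigit():
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def triage(text: str, today: date) -> list[dict]:
    """Return one finding per row that belongs to our BINs and passes Luhn."""
    findings = []
    reader = csv.DictReader(io.StringIO(text), FIELDS, delimiter="|", quoting=csv.QUOTE_NONE)
    for row in reader:
        pan = (row["pan"] or "").strip()
        if not pan.startswith(OUR_BINS) or not luhn_ok(pan):
            continue
        try:  # expiry assumed to be MM/YYYY
            month, year = (int(p) for p in (row["exp"] or "").split("/"))
            expired = (year, month) < (today.year, today.month)
        except ValueError:
            expired = False  # unparseable expiry: fail safe and block
        findings.append({
            "pan_masked": pan[:6] + "*" * (len(pan) - 10) + pan[-4:],
            "action": "monitor_only" if expired else "block_and_reissue",
            # Address, phone or email in the row raises social-engineering risk.
            "pii_exposed": bool(row["address"] or row["phone"] or row["email"]),
        })
    return findings
```

Findings carry only a masked card number, so the output can be passed to fraud and customer-notification teams without copying full card data further.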
If you have any questions or are interested in the cards carrying your brand, please do not hesitate to contact us. We are here to help and are committed to finding solutions to your cybersecurity challenges.


