Further investigation indicated that B1ack started this marketing campaign in January this year by posting hundreds of free stolen payment cards to build credibility and attract more customers. B1ack’s Stash made a significant splash when they officially launched their carding shop by releasing a staggering 1 million stolen payment cards for free last April. This incident highlights the persistent threat of financial fraud on illegal platforms and underscores the urgent need for enhanced cybersecurity measures. From the data we collected, it was revealed that the leaked information affected cards from various countries, including the Philippines, with a significant number of exposed payment cards. Typically, carding shops release free data in the thousands, but B1ack’s Stash’s strategy set it ahead of its competition, similar to BidenCash’s tactic last year, where they leaked 2 million stolen cards. The large amount of information criminals were able to steal from such schemes led to more vendors offering stolen data to others through different online platforms.
Dark Web Alert — 29 Billion Passwords, 14 Million Credit Cards Stolen
In addition to the risk for payment card holders, the leaked set could also be used in scams or other attacks targeting bank employees. This time, the leaked data contains card numbers, expiration dates, and three-digit security codes (CVVs). It should be noted, however, that analysis of the previous data dumps showed that the data packs contained some duplicates as well as invalidated or expired cards, so a significant percentage of the free packs weren’t actually usable. Most data bought and sold on dark web marketplaces is stolen through phishing, credential stuffing, data breaches, and card skimmers. Most of use just have the standard personal account, but Premier and Business accounts also exist, and are up for sale on the dark web. US$17.36 is the average price for a credit card number, CVV, expiration date, cardholder name, and postal code—the basics.
- Even using unsecured public Wi-Fi can expose your data to cybercriminals.
- Don’t put your real credit or debit card credentials at risk—hide them with Privacy Virtual Cards.
- American Express cards fetch higher prices due to their spending power.
- Credit card theft is typically proven through evidence of unauthorized transactions, often identified by the cardholder or through the bank’s fraud detection systems.
- A recent report found 65% of merchants reported an increase in chargeback fraud, and that it’s becoming more difficult to fight those charges.
- Unfortunately, as NordVPN notes, short of abstaining from card use, “there is little users can do to protect themselves from this threat,” the company said in the release.
YOU DESERVE THE BEST SECURITY™
Unlike online fraud, this type of theft is harder to detect because the transaction appears as a regular swipe. If your card is linked to auto-pay services or has a high spending limit, the damage can escalate quickly—often before your bank even flags it as suspicious. These details often land there after data breaches, phishing attacks, or malware infections that steal information from unsuspecting users. Even in a digital age, criminals still steal mail for financial documents containing sensitive information. Shimmers, on the other hand, target the chip in modern EMV cards.
JOIN THE Cyber Security Hub COMMUNITY
Since the details of the credit cards were freely available online, it’s likely the card issuers have already been informed about the leak, though it remains unclear how many people could have had their credit cards used in that time. Over the weekend, the stolen credit card marketplace called BidenCash announced they were offering a free giveaway of 1,221,551 credit cards, promoting the leak on multiple other sites. Criminals are abusing mainstream social media applications to advertise stolen data, in this case by brazenly posting full stolen credit card data to the Threads app. This concerted content moderation effort by Telegram to remove channels and search terms related to criminal activity, together with newly observed stolen credit card posts on Threads, could indicate a larger trend of criminals navigating to other platforms to advertise or obtain stolen data. At the time of this writing, stolen credit card data and other sensitive PII found in these posts appear to not only exist on the Threads platform, but unfortunately appear to be heavily promoted by the Threads algorithm in some cases. We see sites on the dark web, and even on the open web, offering gift cards that were purchased using stolen credit cards for many different chains—retail stores, fashion stores, restaurants, and so on.”
It tracks changes to your credit report and helps you spot potential identity theft early, so you’re not the last to know when something goes wrong. Experian’s free credit monitoring service is one easy way to stay alert. But while you can’t undo a data breach, you can take control of what happens next. Once your personal information hits the dark web, it’s nearly impossible to remove it. Unlike legitimate websites, the dark web isn’t governed by takedown policies or centralized control, making it nearly impossible to track or erase your data completely. That’s because data sold or shared in these underground networks is quickly copied, redistributed and stored across multiple anonymous platforms.
Dark Web Credit Card Fraud: Detecting And Preventing Credit Card Fraud
The more you know about what criminals know about your employees and customers, the better you can prepare for and prevent costly cyberattacks like account takeover and fraud from occurring. As we observe posts about stolen information shifting from Telegram to other more public-facing platforms like Threads, there is also the potential for more people to interact with and become interested in scams and financial fraud. Our team at SpyCloud Labs will continue to actively monitor Threads for posts containing sensitive stolen financial data and other PII. So … how do we stop the data from ever being exposed or compromised in the first place, before it can be accessible by any criminals? “Be aware of the data that you have and try at all costs to protect it, but also understand what the typical threats might be that are targeting you,” says Wilson.
Dark Web Marketplace ‘BidenCash’ Hands Out 12 Million Stolen Credit Cards As A Promotion
These alerts can spot fraud fast and keep your money safe. Credit card safety requires active steps. AVS systems also catch fake online buys.
- Get Privacy’s iOS or Android app on your phone and receive alerts and notifications of account activity to stay on top of any suspicious transactions.
- If the data they buy is functional, they can use it to make fraudulent purchases or financial transactions for profit.
- You can also limit your risk by being picky about your ATMs, where criminals sometimes install card skimming devices.
- “We are identifying malicious command-and-control domains that are owned and operated by criminals to deliver Javascript or skimming malware to the merchant checkout pages,” says Capezza.
Why Monitor Deep And Dark Web Credit Card Sites?
And you also see criminals working more peer-to-peer—via direct communication channels, moving away from the centralized marketplaces,” Capezza says. “You have seen criminals move more toward the deep web and surface web. After some recent hard-hitting takedowns of cybercriminals by U.S. and international law enforcement, there’s been a shift away from some of the larger marketplaces that were only accessible in the dark web. Payments professionals also should become more educated—by relying on industry partners, information sharing consortiums, retail and financial services information sharing and analysis centers—and then educating merchants, says Capezza.
Check Your Company’s Exposure
From the data D3Labs has examined so far, about 30% appear to be fresh, so if this applies roughly to the entire dump, at least 350,000 cards would still be valid. Dark web posts and offers of this size are usually scams, so the massive dump of cards could easily be fake data or recycled data from old dumps repackaged under a new name. BidenCash is a stolen cards marketplace launched in June 2022, leaking a few thousand cards as a promotional move. Which makes the fact that is also identified that there were 2.9 billion totally unique sets of compromised credentials, up from 2.2 billion stolen passwords in the 2023 report, available to threat actors on the dark web. LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about.
The majority of those cards, 53% to be exact, were from American Express. We are analyzing the data, more details soon! ℹ️ These cards mainly come from web skimmers! Researchers are still looking into the leak, but early reports show many of the cards could have already been reported to the card issuers. “In the current case, we are dealing with so-called ‘fullz’ – they have info on card number, expiration date, CVV/CVC, and cardholder name, as well as some extra personal info.”
After obtaining the data, sellers don’t just dump it on markets, they package it strategically. The Magecart group pioneered this technique, compromising thousands of online stores by exploiting vulnerabilities in popular e-commerce platforms. These tools offer consumers the most effective way to defend against carding attacks. Transactions can be quickly flagged or blocked, making fraud attempts risky and unreliable.
Over the past few months, as B1ack has been giving away free CCS/FULLZ, the card seller has received positive feedback from customers, who have attested to the high validity rate of the cards. Based on the intelligence Cyberint gathered during our investigation, we discovered that the threat actor or group has been active in carding forums as far back as last year under the profile “B1ack,” formerly known as “blackclub,” and often referred to by users as “king.” This implies that the set of stolen data could have originated from a private collection and was not previously released to the public. An offender who buys 100 cards for $500 can recoup costs if only 20 of those cards are active and can be used to make an average purchase of $30. Some vendors also offer distinct products such as credit reports, Social Security numbers and login details for different paid services. The customers of stolen data markets may reside anywhere in the world, and their demands for specific data or services may drive data breaches and cybercrime to provide the supply.
BidenCash, a dark web carding marketplace, has released the full details of more than 1.2 million stolen credit card details for free. Our investigation into the activities of b1ack’s Stash has unveiled a substantial threat to the security of payment card data across local banks. Considering this backdrop, it is evident that b1ack’s primary goal has consistently been to profit from the sale or use of these stolen credit card details.
Threads, Meta’s Twitter/X competitor, has quickly become a new haven for cybercriminals looking to buy, sell, and distribute stolen credit card information – creating serious implications for businesses trying to prevent financial fraud and downstream identity abuse. Hackers have given away the details of over a million stolen credit cards in a bid to promote a new cyber criminal carding marketplace on the dark web. However, when it comes to the stolen credit cards, Bitsight confirmed that the rise was “exclusively due to a surge in US cards; the number of cards from the rest of the world declined by 1.6 million, but listings of US cards increased by 4.5 million, counting for 80.7% of all compromised card listings in 2024.” But it’s the threat from infostealer malware that is of most concern right now, not just in terms of the gargantuan number of passwords that are available in logs for sale, but the sheer number of stolen credit cards as well. The BidenCash stolen credit card marketplace is giving away 1.9 million credit cards for free via its store to promote itself among cybercriminals. In addition to PayPal account balances, they can also transfer money from any connected bank accounts or credit cards.
Not all personal information is valued the same on the dark web. Here’s what your information is worth and how to protect it. Your personal information can sell for upwards of hundreds or even thousands of dollars on the dark web—and you might not even know it’s even out there to begin with. The average price for your personal information can range from as little as $1 to more than $4,000. The threat actor behind the AllWorld Cards marketplace has a clear goal in mind.
You can also limit your risk by being picky about your ATMs, where criminals sometimes install card skimming devices. If the company you’re buying from doesn’t have your sensitive card information, neither will hackers that hit that merchant with a data breach. Even if you report the fraudulent activity quickly and limit your losses, you may still face the issue of bounced checks or being late on payments, Krebs says. Unless you live the rest of your life only paying with cash, you’ll never be totally impervious to payment fraud. If they aren’t, the buyer can get a refund on the cards. If someone agrees to use the shop’s checker service instead of a third party, the shop will give a guarantee that at least a portion of the cards are usable for a certain period of time.
