More than 2 million stolen credit card numbers have been exposed by Russian-language dark web carding marketplace BidenCash
, reports The Record
, a news site by cybersecurity firm Recorded Future.
Many of the leaked credit card numbers may have already been canceled by financial institutions, owing to their prolonged availability in the dark web, while nearly 70% of the compromised numbers will also expire this year, according to Flashpoint.
Despite the perceived limited utility of the BidenCash data leak, threat actors could still leverage other exposed data, which Cyble notes to include names, phone numbers, emails, and home addresses, in other attacks, said researchers.
BidenCash is cementing its place in the illicit carding market with the leak, noted Ilya Volovik of Recorded Future's Insikt Group, who added that the carding will only become more prevalent in Russia amid ongoing political and economic turmoil stemming from the Russia-Ukraine war.
"The shadow economy that prevailed in Russia in the 90s-2000s will return," said Volovik.