JAKARTA - Data leaks occurred again, this time 1.2 million credit card information was published on the dark web carding marketplace, BidenCash. Hackers make the data easy to access, giving cyber scams a chance.

BidenCash itself is a stolen card market launched in June 2022, which leaked several thousand cards as promotional moves. Meanwhile, carding is trading and the use of stolen credit cards through point-of-sale malware, a magnitude attack on information thief websites or malware.

A total of 1,221,551 credit card details contain personal information related to what hackers need to facilitate digital transactions, including people's names, bank names, social security numbers, emails, phone numbers, and addresses.

Hackers can use the card to buy goods and take cash from accounts. Credit cards can come from various sources, including from malware that is forced into online stores, individual user malware attacks, or from companies that store credit card info.

To ensure a wider reach, hackers distributed the credit card details collection via clearnet domains and in other hacking and carding forums.

cybersecurity company D3Lab said that most of the card info came from a web skimmer, also known as a Magecart attack in which hackers injected a malware code into the website.

That way, hackers can extract data from ordinary HTML forms used by people to fill in personal details or credit cards.

Launching Gizmodo, Tuesday, October 11, cybersecurity researchers at Cyble stated that most of the card data came from users in the United States (US). The majority of the cards, to be precise, are from the American Express bank. Others, Wells Fargo Bank, US Bank, and Bank of America.

D3Labs has also analyzed some of those cards and found 30 percent still active, although many of the previously registered cards in the All World Cards disposal site, and many others may have been blocked.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)