Payment Card Information of Two Million Users Leaked by Dark Web Marketplace BidenCash - 1

Payment Card Information of Two Million Users Leaked by Dark Web Marketplace BidenCash

  • Written by Ari Denial Cybersecurity & Tech Writer

To mark its first anniversary, the carding platform BidenCash has released a free database containing 21,65,700 credit and debit cards on the internet.

While legitimate businesses celebrate their birthdays by offering discounts, cybercriminals like BidenCash mark their anniversaries by distributing stolen goods, as evident by their recent announcement of giving away credit card data.

The information that has been leaked consists of the complete names of the cardholders, along with their card numbers, bank information, expiry dates, and the card verification value (CVV) numbers. Additionally, the dataset contains the home and email addresses that are linked to the compromised cards.

The leaked data, which was first detected by Cyble researchers , is quite extensive and includes information on a minimum of 7,40,858 credit cards, 8,11,676 debit cards, and 293 charge cards.

While many of them were duplicates, there are still 21,41,564 unique payment cards among them, as confirmed by Andrea Draghetti, the Head of Threat Intelligence at D3Lab.

According to Draghetti’s statement to BleepingComputer, the enormous database also contains around 4,97,000 distinct email addresses, originating from over 28,000 different domains. This information could be extremely valuable as a tool for future targeted phishing scams or other fraudulent campaigns.

According to the threat intelligence firm Flashpoint, the carding shop has been operational since February 28, 2022, and has quickly climbed up the ranks to secure the fifth position in the total volume ranking.

Last October, the carding shop made available an additional dump of 1,221,551 credit cards for free. Similarly, as was observed this week, the criminals shared this information through a clearnet domain and multiple hacking and carding forums.

When D3Lab analyzed a random sample of the leaked credit cards at the time, they found that approximately 30% of them were “fresh,” meaning they could be used for committing financial fraud.

AI-Powered Photo and Video Editing Service Leaks User Images and Email Addresses Online - 2

AI-Powered Photo and Video Editing Service Leaks User Images and Email Addresses Online

  • Written by Ari Denial Cybersecurity & Tech Writer

A widely-used AI image editing tool, Cutout, experienced a data breach that resulted in the exposure of usernames, user images, and email addresses. This highlights the potential hazards of leveraging cloud-based AI solutions to handle sensitive data.

Cutout offers users the ability to modify photos or produce images using an AI-based Application Programming Interface (API), which can be integrated into third-party applications.

The research team informed that “the exposed instance also had around 22 million log entries referencing usernames, including individual users and business accounts. However, this does not imply that an equal number of users was exposed, as some log entries were duplicates.”

“Cutout.pro self-reported having over 300 million API requests, peaking at 4,000 requests per second from over 5,000 applications and websites used worldwide. Cutout.pro boasts of working with over 25k businesses,” they added.

The data of some applications that employed Cutout.pro’s API were also compromised. The team identified that user accounts from the Vivid App and AYAYA App, both of which were listed as customers on Cutout’s website, were among those included in the public database.

The data breach that led to the exposure of user data may compromise their privacy, as hackers could have obtained access to media uploaded by Cutout’s customers for AI-based editing, including personal photos meant for private use.

Cybernews researchers said, “if Cutout.pro’s developers previously didn’t back up the data, the open instance could have led not only to the temporary denial of service but a permanent data loss that was stored on the open instance. Attackers could have wiped it out.”

Business clients who utilized Cutout.pro’s API are encouraged to inspect the endpoints that were linked with the service. Similarly, users are advised to update their platform usernames as a precautionary measure.