BidenCash Strikes Again with 910K Credit Card Leak
A massive credit card leak tied to BidenCash resurfaces on a closed Russian hacker forum
In a significant development within cybercriminal circles, the notorious dark web marketplace BidenCash has published a colossal dump of 910,000 compromised credit card records—this time under the guise of an “anti-public system work.” The announcement was made via a thread on a closed Russian-speaking hacker forum, known for trading illicit financial data and cyber exploits.
What Is BidenCash?
BidenCash, a darknet carding marketplace, emerged in 2022 and quickly gained notoriety for distributing stolen financial data for free or at extremely low prices. From “promo dumps” to high-volume leaks, it has earned a reputation as a high-volume player in the underground economy, especially after offering hundreds of thousands of credit card records in earlier leaks.
Unlike other marketplaces that charge high premiums or require complicated escrow mechanisms, BidenCash follows a model designed to flood the cybercriminal ecosystem with fresh stolen data—whether as a promotional stunt or a reputation flex.
The New Leak: 910,000 Fresh CC Records
On April 15, 2025, a user going by the handle BidenCash—believed to be a verified administrator account (as confirmed by the green "Premium" tag and a wallet deposit of 0.2555 BTC on the profile)—posted a thread titled:
“Biden AP system 910.000 cvv for free”
The forum post includes multiple file-sharing links containing a .txt file with nearly a **million **credit card data. According to the poster, the records stem from BidenCash's internal systems and chats monitored over the past month.
A key excerpt from the post reads:
“Once again, we will show the results of our anti-public system’s work... The cards that were found on our platform for sale have been removed, and the suppliers were fined for each card found.”
The dump appears to include full credit card numbers, expiration dates, and CVV codes. Initial inspection of the .txt file confirms a structured format such as:
0002XXXXXXXXX|04/28|***
0002XXXXXXXXX|05/28|***
0011XXXXXXXXXXXX|11/2026|***
This structure makes the data ready for use in automated carding tools and further fraudulent activity. With over 900,000 entries, the breach could have global implications if banks and payment providers do not act swiftly.
File Access and Contents
The post shares file hosting links from mainstream and underground-friendly services, including:
- https://dropmefiles.com/
- https://gofile.io/
- https://limewire.com/
- onion link to a mirrored dark web domain
The file includes common BINs (Bank Identification Numbers), confirming these are likely global entries from various issuers.
Why This Matters
This leak is not just another carding dump. It illustrates a growing trend of dark web marketplaces weaponizing their own infrastructure to penalize untrustworthy suppliers and generate PR in criminal circles. By claiming that sellers were “fined,” BidenCash is attempting to appear more secure and self-policing, even while engaging in blatantly illegal activity.
Moreover, the mass distribution of usable credit card data is a potential precursor to fraud waves. Industries including e-commerce, banking, and even ride-sharing may see upticks in chargebacks and identity abuse.
The rapid, free dissemination of high-quality card data like this underscores a growing threat from decentralized, “anti-public” actors who blend ideology, business, and reputation-building into a potent criminal strategy.
Leakd will continue monitoring the BidenCash marketplace and provide updates as financial institutions respond.
Disclaimer: This article is intended for informational and journalistic purposes only. Leakd does not host, distribute, or encourage interaction with leaked or illicit materials. If you're a security researcher or affected cardholder and wish to analyze this dump further, do so only in compliance with all applicable laws and ethical guidelines. Handling or downloading such files without proper authorization may be illegal in your jurisdiction.