One of the Dark Web’s largest carding platforms, UniCC, has announced its “retirement” from the criminal industry.
UniCC has been active since 2013. The platform specializes in so-called “carding”: credit card fraud and the sale of stolen data that can then be used to perform unauthorized transactions, to clone cards and potentially facilitate identity theft.
The retirement notice was posted in Russian and English on a number of dark web forums.
“Our team is retiring,” the post read. “Thank you to everyone who has been with us for years. To the loyal partners, customers and colleagues who have helped us in many ways, I would thank each one separately, but that is unprofessional. If I or some members of our team fail your expectations – we [are] really sorry.”
The operators then gave the apparent reasons for the closure of UniCC: the age and state of health of its team.
“Don’t build conspiracy theories about us leaving. It’s a considered decision, we’re not young and our health doesn’t allow us to work like that anymore.”
The UniCC team then warned users that they had 10 days to close their deals and clear their accounts before the platform shut down, alongside its affiliate domain — LuxSocks –.
“We ask you to be smart and not track counterfeits related to our return and other things,” the operators added.
According to an analysis conducted by Elliptic, since 2013, UniCC has generated approximately $358 million in stolen data purchase revenue through cryptocurrencies such as Bitcoin, Ether, Litecoin, and Dash.
“Tens of thousands of new cards hit the market every day, and it was known to have many different vendors – fierce competition kept prices relatively low,” Elliptic noted. “As UniCC retires, the focus will now be on who emerges as the primary successor. The overall carding market recently exceeded over $1.4 billion in sales with Bitcoin alone. operators behind UniCC will seek to cash in their tremendous profits.”
In February of last year, one of the biggest carding forums, Joker’s Stash, called it quits. The platform made it easy to trade and sell stolen payment card data, but following the seizure of a number of domains used by Joker’s Stash several months prior – and the operator’s apparent hospitalization in due to COVID-19 – the service has closed.
Joker’s Stash is also estimated to have generated millions of dollars in illicit profits over its lifetime.
Whether or not the operators have really “retired” or are just looking to cash out, that doesn’t mean that’s the end of the story – law enforcement might still be knocking on their door, one day.
Speaking to the BBC, Alex Hudson, director of intelligence for the UK’s National Crime Agency (NCA), said the shutdown had created “mixed” feelings. Although the operators have left the criminal industry and the potential pool of tradeable stolen data has shrunk slightly, this may also seem like unfinished business.
“If there’s any regret, it’s that we need to hold them accountable and they need to understand that they will always be held accountable,” Hudson commented.
Previous and related coverage
Do you have any advice? Get in touch securely via WhatsApp | Signal at +447713 025 499, or more at Keybase: charlie0