BOOK THIS SPACE FOR AD
ARTICLE ADUniCC controlled 30 percent of the stolen payment-card data market; leaving analysts eyeing what’s next.
A top underground market for buying and selling stolen credit-card details, UniCC, has announced it’s shutting down operations.
The site accounted for about 30 percent of carding scam business and, since it was launched in 2013, handled about $358 million in cryptocurrency transactions, according to the Elliptic Threat Intel team, which published the announcement from UniCC leadership.
“Our team retires,” the UniCC leadership posted on underground carding sites in both English and Russian. “Don’t build any conspiracy theories about us leaving, it is (a) weighted decision, we are not young and our health do(es) not allow to (us) work like this any longer.”
The post, signed “your Unicc Team,” gives users 10 days to spend their balances.
“We ask you to be smart and not follow any fakes tied to our comeback and other things,” the notice concluded.
Carding Marketplace Shakeup
UniCC’s business was booming after the December 2020 takedown of Joker’s Stash, formerly the carding marketplace of choice. Elliptic noted the overall market for stolen credit-card data last year topped more than $1.4 billion just in Bitcoin.
But in recent months, Elliptic pointed out that other underground marketplaces appear to be hanging up the towel. The White House Market announced it was shutting down in October; and by November, Cannazon went dark. In December it was Torrez’ turn. By early January, Monopoly Market was unexpectedly inaccessible, the report added.
The departures could be a reaction to law-enforcement activities, the Elliptic Threat Team said, but it’s just as likely underground carding marketplace admins are using the chaos to make off with their users’ account balances.
“The wave of recent departures has potentially been a trigger for UniCC’s retirement, as illicit actors see an opportunity in the turbulence to either run away with users’ funds or retire to avoid increased law-enforcement attention,” the report added.
At the same time, new entrants into the stolen data marketplace game are looking to gain a foothold. In August, a new carding marketplace AllWorld.Cards launched with a huge stunt — they released the payment data for 1 million stolen credit cards on the Dark Web for free.
These illicit payment-card data marketplaces can also be an attractive target for fellow hackers.
Last April, Swarmshop was breached and the carding site’s database of stolen payment data was leaked online.
“Tens of thousands of new cards were listed for sale on the market each day, and it was known for having many different vendors — with the fierce competition keeping prices relatively low,” Elliptic noted. “As UniCC retires, focus will now be on who emerges as the main successor. Meanwhile, the operators behind UniCC will be seeking to cash out their formidable profits.”
Password Reset: On-Demand Event: Fortify 2022 with a password-security strategy built for today’s threats. This Threatpost Security Roundtable, built for infosec professionals, centers on enterprise credential management, the new password basics and mitigating post-credential breaches. Join Darren James, with Specops Software and Roger Grimes, defense evangelist at KnowBe4 and Threatpost host Becky Bracken. Register & stream this FREE session today – sponsored by Specops Software.