UniCC, the biggest dark web marketplace for stolen credit and debit cards, has announced that it’s shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash.
“Don’t build any conspiracy theories about us leaving,” the anonymous operators of UniCC said in a farewell posted on dark web carding forums, according to blockchain analytics firm Elliptic. “It is [a] weighted decision, we are not young and our health do[es] not allow [us] to work like this any longer. “
The UniCC team also gave its users 10 days to spend their balances, while also warning customers to “not follow any fakes tied to our comeback. “
Platforms like UniCC serve as an underground market where credit card information is stolen from banks and online merchants. The cards are then used by criminal actors to purchase high-value items or gift cards.
“This process is known as ‘carding,’ and it has become a key part of the cybercriminal’s playbook,” Elliptic researchers said. The technique can be very lucrative in itself, but can also be used to launder or cash out cryptocurrency that has been obtained via other forms of cybercrime. “
The sunsetting comes exactly a year after Joker’s Stash, the previous market leader, announced its retirement in January 2021 after having facilitated the sale of nearly $400 million in stolen cards. The demise of Joker’s Stash worked to UniCC’s benefit, which quickly snapped up the top spot with a 30% market share, the researchers noted.
It’s also the latest in a growing list of criminal marketplaces to have voluntarily closed shop over the past year, including that of White House Market, Cannazon, and Torrez. This was followed by Monopoly Market, which became inaccessible early this month in what’s suspected to be an exit scam.
That said, the illicit market for stolen credit card data has become so lucrative that sales have surpassed 1. 4 billion just in Bitcoin, paving the way for new entrants to the space that tend to swiftly fill the vacuum left by defunct criminal entities in a manner that mirrors the ever-evolving ransomware landscape.
The most notable of the lot has been All World Cards, which emerged on the scene in May 2021 and has since drummed up attention by leaking data for one million credit cards plundered between 2018 and 2019 on a cybercrime forum for free, with most cards from the State Bank of India, Banco Santander, and Sutton Bank.
“The wave of recent departures has potentially been a trigger for UniCC’s retirement, as illicit actors see an opportunity in the turbulence to either run away with users’ funds or retire to avoid increased law enforcement attention,” the researchers said.