Largest darknet stolen credit card site closes

The administrators of the largest illegal marketplace on the darknet for stolen credit cards are retiring after making an estimated $358m (£260m).

The anonymous owners of UniCC thanked the criminal fraternity for their business, citing age and health for the closure.

Many other illegal darknet marketplaces have also shut down voluntarily over the winter for unknown reasons.

Police say the trend leaves them with mixed feelings.

The darknet is a part of the internet only accessible through special browsing software.

‘We are not young’
Cryptocurrency experts at analysts Elliptic traced hundreds of millions of dollars in crypto-payments made to UniCC.

UniCC posted on darknet forums in both Russian and English saying “our team retires”. The anonymous criminals added: “We are not young and our health do not allow to work like this any longer”.

UniCC has been active since 2013 with tens of thousands of new stolen credit cards listed for sale on the market each day.

Hundreds of millions of payment card details have been stolen from online retailers, banks and payment companies before being sold on online marketplaces such as UniCC.

These stolen cards have value because they can be used to purchase high-value items or gift cards, which can then be resold for cash.Elliptic researchers say the website has received cryptocurrency payments since it opened totalling $358m across Bitcoin, Litecoin, Ether and Dash.

The closure of UniCC comes just under a year after the retirement of the previous market leader, Joker’s Stash.

It’s also the latest in a growing list of criminal marketplaces to have voluntarily retired in the last six months.

Vaccines and vaccine passports being sold on darknet
Dark web drugs gang dismantled
In October 2021, White House Market – the largest darknet market of its kind – announced that it would shut down. This was followed by Cannazon in November and Torrez over Christmas.

When Torrez closed in December it was one of the largest English-language marketplaces in the world selling drugs, hacking tools, counterfeit cash and criminal services.

A letter posted on its homepage said it had been “a great pleasure to work with most vendors and users”.

Historically when darknet sites close down, the operators disappear with customers’ or vendors’ money – this is known as an exit scam. They may also be hacked, or busted by police and taken offline.

This new trend for marketplaces winding down in an orderly fashion is known as “sunsetting” or “voluntary retirement”.

“Right now it seems to be happening more. Markets gracefully exit and say, ‘We’ve made enough money, and before we get caught, we’re just going to retire and go into the sunset,” says Prof David Décary-Hétu, a criminologist at the University of Montreal.

He says that administrators running large marketplaces like Torrez can make upwards of $100,000 a day in commission fees.

For police, who would prefer criminals to face justice, this kind of exit causes mixed feelings.

“I always celebrate anybody who perhaps realises that they’re in an occupation, which is criminalised and decided not to enhance that further,” says Alex Hudson, the National Crime Agency’s head of darknet intelligence.

“If there is a regret, it’s that we do need to hold them accountable for it and they need to understand that they will still be held accountable.”

The closures are unlikely to spell the end of darknet markets as new ones will no doubt emerge.

New BBC research for Radio 4’s File on Four found that at least 450 darknet vendors operating today have outlived previous police closures over the last decade.

Meta monopoly case from FTC given go-ahead

The US Federal Trade Commission (FTC) has been given the go-ahead to take Facebook to court over anti-trust rules.

The competition and consumer regulator is trying to make Facebook – now called Meta – sell off Instagram and WhatsApp.

A previous version of the same action failed last year because of a lack of detail.

The FTC has since revised the case and a federal judge has said the claim is now “far more robust” and can go ahead.

Meta said it was sure it would prevail in court.

Seeking ‘divestiture’
The FTC’s claim revolves around the idea Facebook had systematically bought up rivals to eliminate competition, effectively giving itself a monopoly.

The key examples were Instagram and WhatsApp, which Facebook acquired in 2012 and 2014.

The FTC was seeking “divestiture” – the selling off of those companies to eliminate the alleged monopoly.

Considering the case in June 2021, Judge James Boasberg said the FTC had not provided a justification for its delay in looking into the matter nor provided enough evidence to support its claims.

“It is almost as if the agency expects the court to simply nod to the conventional wisdom that Facebook is a monopolist,” he wrote at the time.

In the wake of the case being thrown out, Facebook’s stock price surged and the company achieved a trillion-dollar (£0.7tn) market value for the first time.

Giving the revised case the go-ahead, on Tuesday, Judge Boasberg wrote: “In stark contrast with its predecessor, this complaint provides reinforcing, specific allegations that all point toward the same conclusion: Facebook has maintained a dominant market share during the relevant time period.”

However, he added: “The agency may well face a tall task down the road in proving its allegations.”

Meta had asked the court to dismiss the case entirely, saying Lina Khan – a vocal critic of Meta, who chairs the FTC – was biased against the company.

Judge Boasberg, however, said Ms Khan was not an impartial judge and more akin to a prosecutor.

“Although Khan has undoubtedly expressed views about Facebook’s monopoly power, these views do not suggest the type of ‘axe to grind’ based on personal animosity or financial conflict of interest that has disqualified prosecutors in the past,” he wrote.

But the judge did tell the FTC it had to drop some allegations about Facebook’s platform policies, which he said the company had already changed.

Meta said: “Today’s decision narrows the scope of the FTC’s case by rejecting claims about our platform policies.

“It also acknowledges that the agency faces a ‘tall task’ proving its case regarding two acquisitions it cleared years ago.”

Pokémon Go: Police fired for chasing Snorlax instead of robbers

Two Los Angeles police officers were fired for chasing Pokémon rather than fleeing robbers, court documents show.

The pair were parked nearby when a radio call came in for officers to respond to a shop robbery.

But a review of their in-car camera footage showed they had been playing Pokémon Go and chose to pursue a nearby Snorlax – a relatively rare catch – instead of providing back-up.

The pair denied playing the game but were sacked after an investigation.

Virtual creatures
Details of the case emerged when the most recent documents about their appeal – which was dismissed – were spotted by Axios.

After ignoring a radio call for back-up, “for approximately the next 20 minutes, captured [the] petitioners discussing Pokémon as they drove to different locations where the virtual creatures apparently appeared on their mobile phones”, the documents say.

Louis Lozano and Eric Mitchell had been on patrol when Macy’s department store was robbed, on 15 April 2017.

Another officer, Capt Davenport, who also heard the call, could see the shop – and another police car parked in a nearby alley, the court documents show.

Those nearby officers did not respond to the call, so Capt Davenport did so himself – and saw the other police car reverse down the alley and leave the area.

Why Pokémon Go makers are working with Nintendo again
Happy birthday Pokemon: 25 years of fandom
The two officers later told a sergeant who had been trying to contact them to provide back-up they had not heard the radio.

But the in-car camera footage revealed they had discussed the call and decided not to respond.

Instead, five minutes later, they could be heard talking about catching Pokémon.

“Officer Mitchell alerted Lozano that ‘Snorlax… just popped up [at] 46th and Leimert'”, the documents say.

The pair then left in that direction to embark on a 20-minute gaming session and discussion.

They could be heard talking about the successful capture of Snorlax and how difficult the battle with Togetic – another Pokémon – was.

“The guys are going to be so jealous,” Officer Mitchell said.

‘Extra patrol’
Both officers denied gaming on duty, telling the investigating detective Officer Mitchell had been reading aloud from a text group of other players “bragging about their scores”.

“Det McClanahan determined [the] petitioners were not being truthful,” the court documents say.

Pokemon player fined for breaking Covid rules
How military struggled with Pokemon Go craze
A subsequent board hearing into misconduct found the pair guilty of:

failing to respond to a robbery call
making misleading statements
failing to respond to the radio when contacted
playing Pokémon Go on duty
making false statements under investigation
The “petitioners admitted leaving their foot-beat area in search of Snorlax but they insisted they did so ‘both’ as part of an ‘extra patrol’ and to ‘chase this mythical creature’,” according to the court.

Their representatives had argued in-car recordings were not supposed to be used to record private conversations and should not have been used as evidence – but that was denied.

The pair then went to court, where their case was rejected.

The appeal court also rejected the case, saying the two former officers’ rights had not been violated.

Oculus Quest 2: Meta to discuss children’s VR safety with watchdog

The Information Commissioners’ Office (ICO) is to talk to Meta about how its virtual reality (VR) business Oculus complies with the regulator’s “children’s code”.

The code aims to ensure that online services likely to be accessed by children are appropriate for their use.

A campaign group recently found evidence of harassment of under-18s in a popular third-party VR chat app.

Meta says it is working to implement the code with the ICO.

“We’re committed to meeting the obligations under the code, and to providing young people with age-appropriate experiences,” the company said.

Users of Oculus need to be over 13 years of age, and the firm’s guidance says: “Adults should monitor how their children… use Oculus devices.”

But crossbench peer Beeban Kidron, who is the architect of the children’s code, said she was concerned the checks were insufficient.

She told the Guardian: “Kids using VR headsets like Oculus can access chat rooms and other features known to carry risk, by simply ticking a box declaring they meet the minimum age requirements.”

Virtual chat
Recently, the issue of child safety in virtual reality was raised by the Center for Countering Digital Hate (CCDH). The campaign group looked at a popular third-party app called VRChat.

The app works on a number of platforms, including Oculus where it is available in the VR headset’s app store.

CCDH claimed its research found instances where under-18s were:

exposed to graphic sexual content
among users who suffered bullying, sexual harassment and abuse
groomed to repeat racist slurs and extremist talking points
The VRChat app allows users to create virtual environments or “worlds” in which to interact with others.

According to the report, researchers visited one user-built environment “themed as a sex club that nonetheless states it is suitable for children aged 13+ and up”.

The BBC has approached VRChat for comment.

VRChat’s community guidelines state that harassment is not permitted, that “pornography and nudity is not allowed” and that it doesn’t allow “hate speech, including language, symbols, and actions”.

‘Continuous effort”
The ICO said: “We are planning further discussions with Meta on its children’s privacy and data protection by design approaches to Oculus products and virtual reality services.”

Andy Burrows, head of child safety online policy at the National Society for the Prevention of Cruelty to Children, also expressed concerns about the safety of virtual environments.

“Children can evidently be exposed to harmful and inappropriate content when using Oculus”, he wrote, “and this raises substantive questions about whether Meta has met its regulatory requirements in the children’s code.”

In a statement, Meta said: “We’re working to implement the standards within the Age Appropriate Design Code (children’s code), in consultation with the ICO.

“This is a continuous effort on our part which takes into account developing technologies, guidance and understanding around the digital environment, and how young people interact with it.”

Crisis-hit Sri Lanka asks China to restructure its debt

The president of crisis-hit Sri Lanka has asked China to restructure its debt repayments as part of efforts to help the South Asian country navigate its worsening financial situation.

Gotabaya Rajapaksa made the request during a meeting with Chinese foreign minister Wang Yi on Sunday.

In the last decade China has lent Sri Lanka over $5bn (£3.7bn) for projects including roads, an airport and ports.

But critics say the money was used for unnecessary schemes with low returns.

“The president pointed out that it would be a great relief to the country if attention could be paid on restructuring the debt repayments as a solution to the economic crisis that has arisen in the face of the Covid-19 pandemic,” Mr Rajapaksa’s office said.

The statement also said China was asked to provide “concessional” terms for its exports to Sri Lanka, which amounted to around $3.5bn last year, without providing further details.

Mr Rajapaksa also offered to allow Chinese tourists to return to Sri Lanka provided they adhere to strict coronavirus regulations.

Before the pandemic China was Sri Lanka’s main source of tourists and it imports more goods from China than from any other country.

In recent months, Sri Lanka has been experiencing a severe debt and foreign exchange crisis, which has been made worse by the loss of tourist income during the pandemic.

China is Sri Lanka’s fourth biggest lender, behind international financial markets, the Asian Development Bank and Japan.

The country has received billions of dollars of soft loans from China but the island nation has been engulfed in a foreign exchange crisis which some analysts have said has pushed it to the verge of default.

Sri Lanka has to repay about $4.5bn in debt this year starting with a $500m international sovereign bond, which matures on 18 January.

The country’s central bank has repeatedly assured investors that all of its debt repayments will be met and said funds for this month’s bond repayment has already been allocated.

Sri Lanka is a key part of China’s Belt and Road Initiative, a long-term plan to fund and build infrastructure linking China to the rest of the world.

However, some countries, including the US, have labelled the project a “debt trap” for smaller and poorer nations.

Beijing has always rejected those accusations, and in response has accused some in the West of promoting this narrative to tarnish its image.

Is China luring poorer countries into debt?
Last month a Sri Lankan government minister said the country planned to settle a debt for past oil imports from Iran by paying it off in tea.

It plans to send $5m worth of tea to Iran each month to clear a $251m debt.

In September, Sri Lanka declared an economic emergency, after a steep fall in the value of its currency, the rupee, caused a spike in food prices.

Authorities said they would take control of the supply of basic food items, including rice and sugar, and set prices in an attempt to control rising inflation.

France fines Google and Facebook over cookies

French regulators have hit Google and Facebook with fines totalling 210m euros (£175m) over use of cookies.

Data privacy watchdog the CNIL said both sites were making it difficult for internet users to refuse the online trackers.

Consent for the use of cookies is key to the EU’s data-privacy regulation and a major priority for the CNIL.

The social-media firms have three months to comply or face penalties of 100,000 euros for each day of delay.

Cookies are little packets of data that allows web browsers to store information and provide, for example, targeted ads.

“When you accept cookies, it’s done in just one click,” said Karin Kiefer, the CNIL’s head of data protection and sanctions.

“Rejecting cookies should be as easy as accepting them.”

In its statement, the Commission Nationale Informatique & Libertés said it had found that while the tech giants provided a virtual button to allow the immediate acceptance of cookies, there was no equivalent to refuse them as easily.

Google, which was fined 150m euros, said: “People trust us to respect their right to privacy and keep them safe. We understand our responsibility to protect that trust and are committing to further changes and active work with the CNIL in [the] light of this decision.”

Facebook, now owned by Meta, said it was “reviewing” the decision to fine it 60m euros.

“Our cookie consent controls provide people with greater control over their data, including a new settings menu on Facebook and Instagram, where people can revisit and manage their decisions at any time, and we continue to develop and improve these controls,” it said.

Previous fines
Cookies are highly valuable for Google and Facebook as ways to personalise advertising, which is their primary source of revenue.

But privacy advocates have campaigned against it.

Since the EU passed a law on personal data in 2018, internet companies face stricter rules that oblige them to seek the direct consent of users before installing cookies on their computers.

This is not the first time Google, owned by Alphabet, has been slapped with heavy fines for falling foul of European law.

It was also the target of the CNIL’s previous record fine of 100m euros, in 2020.

At the time, it was the largest ever issued by the French data privacy watchdog over ad-tracking cookies.

US retail giant Amazon was also fined 35m euros for breaking the rules.

Ms Kiefer said the issues had been resolved since then.

In 2020, the CNIL strengthened consent rights over ad trackers, saying websites operating in France should keep a register of internet users’ refusal to accept cookies for at least six months.

It also said internet users should be able to easily reconsider any initial agreement concerning cookies via a web link or an icon that should be visible on all the website pages.

Drone helps save cardiac arrest patient in Sweden

An autonomous drone has helped to save the life of a 71-year-old man who was suffering a cardiac arrest.

The drone delivered a defibrillator to a doctor helping the man, who became ill while shovelling snow outside his house in Trollhattan, Sweden.

The man, who didn’t wish to be named, told the BBC it was “fantastic” that it arrived so quickly.

The company behind the drone says it meant that defibrillation could begin before the arrival of an ambulance.

Everdrone says it took just over three minutes from the alarm being raised until the Automated External Defibrillator (AED) was delivered.

Passing doctor
The patient told the BBC he doesn’t remember what happened that day in early December.

He was clearing thick snow from his driveway but when the cardiac arrest hit, “everything went black”, he said.

His wife later told him how lucky he had been.

Dr Mustafa Ali, who happened to be driving past at the time, rushed to help and told Everdrone: “I was on my way to work at the local hospital when I looked out the car window and saw a man collapsed in his driveway.

“The man had no pulse, so I started doing CPR while asking another bystander to call 112 (the Swedish emergency number).

“Just minutes later, I saw something flying above my head. It was a drone with a defibrillator.”

Everdrone chief executive Mats Sallstrom believes the technology played a part in a team effort to save the patient’s life.

“It’s a medical doctor doing CPR, it’s the early defibrillation, it’s the treatment in the ambulance on the way to the hospital,” he told the BBC.

“It’s important to understand that there’s a chain of events saving the person’s life, and the drone is a very critical part of how that system works.”

The drone is a partnership between the Karolinska Institutet – Sweden’s largest medical university – together with the national emergency operator SOS Alarm, Region Vastra Gotaland and Everdrone.

In 2020, the group explored the use of drones to deliver defibrillators in Gothenburg and Kungalv in western Sweden.

Over the four-month study, the Karolinska researchers found that drones were dispatched to 12 out of 14 cases of suspected cardiac arrest, and successfully delivered an AED in all but one.

In seven cases the drones arrived before the ambulances.

In the December incident, it was fortunate that a doctor was nearby, but questions remain about whether members of the public without medical training would know what to do with a defibrillator.

In the 2020 study no devices were attached to patients, though the reasons why are unclear.

Mr Sallstrom said they are designed for an untrained person to use, adding: “In these scenarios you are also on the phone to the emergency centre and they can guide you.”

Since 2020, Everdrone says the system has got a lot faster – the focus now is to work closely with the dispatchers who give instructions to the people on site.

Everdrone is in talks to bring the technology to other countries, including the UK – though the firm won’t say to which ones it has been speaking.

Drones are already in use by some UK emergency services. Earlier this year, an 83-year-old man’s family said his life was “saved” when he was found by a police drone after being missing for 18 hours.

Ready to go
The key to the Swedish system is having an integrated system ready to go, Everdrone says.

The drone system is electronically integrated with the emergency dispatch system and can get ready to fly as soon as an emergency call suggesting a cardiac arrest is received, Mr Sallstrom said.

Although the drone is autonomous, there is also a “pilot in command” – who oversees the operation for safety reasons and can obtain clearance to take off from air traffic control.

“This might seem like a huge process but roughly 60 seconds from the alarm we can be on our way,” said Mr Sallstrom.

Time is very much of the essence, the chance of survival decreases by 7-10% with each minute following collapse, the company says.

And Everdrone believes eventually the system might be used to deliver other urgently needed medical devices.

The patient the drone helped save is certainly a fan. In his town, road congestion can be a problem, but the drones, he says, fly over the traffic.

“I’m very, very happy. I think it’s fantastic that they came so quickly,” he says.

Vodafone and EE delay EU roaming charges return

Vodafone is delaying the reintroduction of roaming charges in Europe by three weeks.

The phone network had planned to bring in post-Brexit roaming fees on 6 January, matching other networks who plan to do so in 2022.

But it said more time was needed for testing, and the change will now come in at the end of January.

EE has also delayed resuming its roaming charges, which were planned for January, until March.

Before the UK left the EU, users were able to use their calls, texts, and data allowance in their mobile plans in any EU country. But the EU trade deal of December 2020 gave mobile operators the option of reintroducing charges.

The Three network has also said it will bring in roaming charges between the UK and Europe, though their change is planned for May 2022.

That means that of the largest mobile networks, only O2 has not announced any plans for the reintroduction of roaming fees.

Mobile roaming charges: What you need to know
Three to bring in Europe roaming charges
Explaining the reason for delaying its planned changes, Vodafone said it was not ready to bring in the new system.

“We have pushed back the introduction of roaming charges to the end of January, giving time for further testing to ensure the best possible experience for customers purchasing our £1 per day bundles. Until then, customers will continue to be able to roam without charges.”

The £1 a day charge is Vodafone’s best price, and only applies when bought in an eight or 15-day bundle. The usual planned price is £2 per day in fees, matching EE and Three’s planned pricing.

EE said the shift in its plans was caused by unspecified technical delays.

“Making big changes to billing systems in mobile phone networks is always risky,” said Ben Wood, chief analyst at CCS Insight and founder of the Mobile Phone Museum.

“The backlash and negative publicity for any network operator that does not get it right would be immense if a customer ended up with an eye-watering roaming bill.

“My guess is that rather than rushing out a change, the operators are delaying the introduction to be absolutely sure everything is working.

“Given the current Covid situation it’s not like lots of people are travelling, so the operators are not going to be massively exposed on unexpected roaming costs.”

China Mobile shares rise in Shanghai debut after US exit

China Mobile shares have risen as they started trading in Shanghai after raising $7.7bn (£5.7bn) in China’s biggest public offering in a decade.

The shares opened 9.4% higher before easing back in morning trade.

China Mobile’s smaller rivals, China Telecom and China Unicom, have already made the move to their home country.

The three firms were delisted from the New York Stock Exchange after a Trump-era decision to restrict investment in Chinese technology companies.

China Mobile’s Hong Kong-listed shares also rose in early trade after the company said it would press ahead with a plan to buy back up to 2.05 billion shares, worth nearly $13bn.

Nina Xiang, the author of US-China Tech War, told the BBC that the Chinese government would have made sure that China Mobile’s Shanghai debut went well.

She said: “It’s important for Beijing to ensure this listing appears successful and smooth to prove that China has the wherewithal to accommodate its own companies on its own stock exchanges.

“But it won’t be great for Chinese companies to lose the access to the US capital markets as it will be another step in the downward spiral of deteriorating bilateral relations,” she added.

China ride-hailing giant Didi sees losses deepen
China AI firm SenseTime relaunches $767m listing
The policy introduced by the Trump administration to clamp down on investments in Chinese technology firms has remained in place under President Joe Biden as tensions continue between Washington and Beijing.

Ms Xiang also highlighted that more US-listed Chinese firms may take similar steps to safeguard their share listings: “There are dozens of Chinese companies listed on US exchanges that might seek a listing in Hong Kong this year to secure their shares remain publicly traded, in case the two countries couldn’t reach a solution for Chinese firms to remain listed in the US.”

The company has said it plans to use the cash raised from the offering to develop projects including premium 5G networks, infrastructure for cloud resources and artificial intelligence software.

China Mobile is the world’s largest mobile network operator by total subscribers.

Last month, Chinese ride-hailing giant Didi Global has announced plans to take its shares off the New York Stock Exchange and move its listing to Hong Kong.

The firm had come under intense pressure since it raised $4.4bn in its US debut at the end of June.

Also, within days of the New York initial public offering Beijing announced a crackdown on technology companies listing overseas.

Didi shares have lost almost 65% of their value since their US market debut.

Top US phone firms reject call to delay 5G rollout

Two of the biggest US phone firms have rejected a government request to delay the rollout of 5G services this week.

The US Transportation Secretary Pete Buttigieg and the Federal Aviation Administration (FAA) made the request over concerns about aviation safety.

However, AT&T and Verizon did say they will implement temporary safeguards.

Plane makers have warned that C-Band spectrum 5G wireless signals may interfere with sensitive aircraft electronics and could disrupt flights.

In a joint letter, the chief executives of AT&T and Verizon said the proposal to delay for a fortnight the introduction of 5G services, which are due to start on 5 January, would be “an irresponsible abdication of the operating control required to deploy world-class and globally competitive communications networks.”

However, they also said that they will not deploy 5G around airports for six months, similar to an approach adopted in France.

“The laws of physics are the same in the United States and France,” the letter said.

“If US airlines are permitted to operate flights every day in France, then the same operating conditions should allow them to do so in the United States,” it added.

But the FAA said circumstances in France are different, including that telecom firms operating in that country use lower power levels for 5G than are allowed in the US.

The aviation industry and the FAA had previously raised concerns about potential interference of 5G with aircraft equipment like radio altitude meters.

Last month, the bosses of the world’s two biggest plane makers, Airbus and Boeing, made an appeal to Mr Buttigieg in which they said “5G interference could adversely affect the ability of aircraft to safely operate”.

The letter cited research by trade group Airlines for America which found that if the FAA’s 5G rules had been in effect in 2019, about 345,000 passenger flights and 5,400 cargo flights would have faced delays, diversions or cancellations.

The airline group urged the US Federal Communications Commission (FCC) and the telecom industry to work with the FAA and aviation companies and said it may go to court on Monday if the FCC does not act.

On Sunday, an FCC spokesperson said the agency is “optimistic that by working together we can both advance the wireless economy and ensure aviation safety.”