I advise everyone, especially Vendors to avoid accessing any markets right now.
Hansa staff upgraded my account to Vendor for free to test the market security on the vendor side, at the start of June - I didn't find any security issues, it was very tighly secured, I found an issue where unindexed directories would expose a port number. Not that this would be a security problem as such, but I sent it to them encrypted to be on the safe side around the end of last month, this never had a response and it was never fixed, I thought nothing of this until this has happened and mentioned it to the subreddit Mods earlier today. I have been testing Dream for a few weeks and came across small bugs and SpeedSteppers stopped responding around a week ago. Dream Market now has a clearnet IP address exposed in JavaScript code, this was NOT there earlier today, or an time before that either. See: https://www.reddit.com/r/DarkNetMarkets/comments/6ojwht/dreammarket_important_opsec_issue_leave_market/
Edit: The links to the support desk on the market have been removed...
Dream is very likely compromized, which is increasingly worrying as it seems more and more likely that there is a Tor exploit allowing the identification of servers hosting hidden services. I would personally advise everyone who can go without their supply temporarily, hold out and let the dust settle so we can see what comes of the next few days. I would guess this is definitely not the end of it.
Keep an eye out for any changes in other Markets, I don't have access to Valhalla but from some posts I have read today, it isn't looking too promising. Also keep in mind that there may not be any visible changes after a market takeover, different agencies are involved in this and will handle it differently, they will try and keep any takeovers as secretive as possible.
At this point in time, I have not been able to identify anything to suggest other markets have been compromized but I am in the process of archiving what I can from each market so I can run regular comparisons.
Can we please reach out to Market administrators for signed messages, although this may not 100% prove their identity right now, it may weed out any markets that have been taken over.
Right now we all need to not let them achieve anything further, do not use the markets for your own safety.
/u/HugBunter
There's a post from 9 months ago about Dream's chat module IP being visible. https://www.reddit.com/r/DarkNetMarkets/comments/5873oq/is_this_speedstepper_from_dream_market_possibly/
They did recently remove the "support" link from the footer of their page, though. I submitted a support ticket a few days ago and got no answer. Checked again recently and the whole link was removed. Definitely weird.
It isn't new information but I'm still wary of any market at this point. Any information such as that could have long been followed up on. Obviously LE said they will be following up on information obtained via Hansa and AB but who knows what else they may be up to.