Dream Market 16 compromized Vendors SOLID PROOF

Simple minded coppers trying to be smart. I have reported this to admin but as usual they dont give a FUCKS. I did this in 1 minute and found 16 accounts, easy right? Pgp is everything on this side of the web, use it everywhere always, even when you want to say HI. I do not believe dream is comprimized but they sure are lazy as fuck or busy as god.

Lets go to the point of my post.

Dream Market has 16 confirmed LE vendoraccounts, some of them with very high sales. These are the 16 confirmed accounts:

rxchemist [Dream]

mushroomgod [Dream]

dutchcandyshop [Dream]

mushroomgirl [Dream]

Gridlockdope [Dream]

cannab1z [Dream]

GlazzyEyez [Dream]

guessguess [Dream]

MarcoPolo420 [Dream]

wolfydutch [Dream]

00DRGREEN00 [Dream]

cocaMG [Dream]

BoulderMedical [Dream]

ibulk [Dream]

DrPoseidon [Dream]

medicalzNL [Dream]

*** I am not sure about this account, if you want to check them send them a private message encrypted with their key, not the police key of course.

*Smokingjoes [Dream]

To check yourself go to:

http://grams7enufi7jmdl.onion/infodesk

Paste this key in the pgp searchbox:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFlE/aABEAC5f4TbW4jCsAxBSbsxCZI3kDlo2G5Fhpwkl7gk11pSb+118FzQ r45HFiWqMDbacF1WRS4w/EsUNIvJD/VsD/oTsvPIEiJ4RSOHRqrtVZW1aLum/8tH qaLDOIqHfGbbTMXoRB/46RwrXQDbOOsCJ69gLSIPUEePrXomF8AVNE+V6zN7TZOj N0Oz8Pmnvr0bHTHKKIU6/6khledcNF/SerCqGEZMP8wJM9rHAaKB0JKaIlY88npL SCFiLQ26365nVC8EdFTxVQFVVsG0A4KUFQCHRQbG7K1MxbVJrEMuWVc5HqgMHIWB MDYpVN2Btorvgpq+Am8yd6+s77E6WmLunMy6CKPl0V0ukYC4re0wNYxaXxKyFbW2 S4cHfNO28JXaS6auplzxGrXkeP755RxpOGoqCJaxpp8u5kaIF9BabXOEq0uBxWSX MJL6rqcaX1KA2bABvC1BBMJp3EW1vCDB00OYiq+VpKZim4o32w/HYLy4B4SOQmm7 xPIUtvXqZlmwSxq31yyAwG6R0YKunYdA/2Yh5nhorgS7KTlvqNzn4ev4G8U3twDz kWy45KQ8VBzRTYC4sT7RuZOivOhi8MA6KP8An+hfx6sK8yYaKcdPwfkOVSI1GFdS cKbc1vb7YUhVzBTVyQB61nDFtcVMDHBOvxP4/TWRhmD3gdKPvhFY/dOvwwARAQAB tBVEdXRjaCBOYXRpb25hbCBQb2xpY2WJAjkEEwEIACMFAllE/aACGwMHCwkIBwMC AQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDhYgdRZoKrKBYfEACxI+bhcglYqrRzuAr/ 8D7v1cGJHEX0CJJYaTsZXMLYxd/Ar7o9ysHyDndMUc2lpYDS/EVuKj1aLugjxfLa hKk6kg+d++JHF0oZdbbm3HYjllcSkQZ76fGIAtBZjIecqQcOYWrI+nBMBPIOL/v6 KCmKg66k5tPh1qVx8aRK0empoosz+I5riS4HfAXExIZXjPL7mzEBAkRRqQy8BxpI IhNhuZZg8JtqMT8TiMJ39iFCNoC4y6rSrecEarHdbFniFjLpk283B2AHhDxanmGb QaTSlAxxPLmkN0tCKZLSJsmOBEWysqt3sy4lsOGZLNOY+UsLA61PI1k3xJD1aylh ujxQE6kVkmJFy/Aezox5yUCLXtQIHxaPAV5YjWfqIApk59Z4cx1x98Jr1oYtpPVT UngC07s4id00mEdecgFJkby0nJK694dyCfmEijSm1k3YyAbj+uUgZpnQge4kRcQM VyI43t1BAIYyB4zFuVB1lz3eCFkL0pjXBXIDQfF06gJdSVFI+N2LEiQ11FVQWzKm 5As+wE1x/e2CbE6ymeUUvt7cHR8V14QcqZUoyWJCe8H5OmHatvGRvMmbPeA6anql tC7ngrIp5Iuz/FjfRSL5x3VWMzP7zpCwNW919VLUJ/wzh4zqEb+Y4Akn6YOI30OB 8Xt7TIaUpwef3sScADu0eDRFRbkCDQRZRP2gARAAvKIZ8PYyTwbemniiK5kA4Uw4 KoTYzRnUlkCFIGYFTbH/4mePl/ReewwfK4Kyc6gSUi3BUTO8Mr8wLDznSVE0Jc+T exdvtbayg2GQLRQPkNEC/YQxBXdfWx8mQF+hrhhL05ZAnSGY0VIJGzhkbIwu3hTy ptYV6AN6aEYlpN46Gkp492ZLe3+L8kzjsmtLrT3GbCAuKrlM0sUxgya5kA9OoQI/ moaM+bKZ1v59es+AxFvC8+f43UxZ3c7L8siYSsDBp92E7tHInS49Om2MBYZrkRvE Efw2egPDjgbGCmpHB828wqrbYqqnDjuuL7e0vRbbj23qSlU6rt9nNQ2QDd4HQWkY vOkOr2zxatyJ1AvAqZWxpFhykni/dqliWprb1qzu/7SQblbUfLedbNtva7mDuUa2 IOnAZLZZNS2F5/VMT2C5sAdz3nwH9uiSya8QySSoExKslEw+LwLag4GaGyko9XBs ipx5A4QInU1bQZIrMqI8dPDUh1cTcnqcf2rF25W4IWxDScw4IDWKQFDG5kP1sEw5 HffHvSC0LXYTh6goQUOgme/OqF9J7rcMJMYKJQ31baC7aS8JT/++xB03C4051yaI CUW+nTxoHX2Kqg7bFQEyxab9t5wTNbI29gV4I6M3u64dlCyrOc14BmnfpRjsQB82 SSEHmcOohKX6SXAX5/sAEQEAAYkCHwQYAQgACQUCWUT9oAIbDAAKCRDhYgdRZoKr KFltD/0ax0MBmxTFvZ8elHfEgaBvKHKitkA69TQd4E+/KX7IVDzrrnTNXZbN/fV0 CiLgHOZVNtXrg57xLY3ZHNitKOhSSAJSqJQctnV4Pxw7r8ueoCkgKEzF4R+vTvKr 9H4r5mzNZ0hER3sXG8HQe8jl040V0zgaEQ1hFs7APJrrxGSPSaryWfqIGt+PS+ox vzm85HFqgMkFhzzIb/SXPcxbaItHMS/ib4OuYOxFxEFD9pj6frGxipWZzRNJ/WnX gauTOI+o7DUfFM5MZs0AU1UiomJTDxsjdu3OICvWrgSw+wCwS0lifF6qFGXyMgYe bDott3VIDnlacMd3psJNBLScexJHxiBgHyc/qUNtUmL3ogc2H6Vrc0ZopX21zJ0s EFQHqlo7yBB9FvUfYs63G4+1/f/ggnl+grMOqpQPoXaTL9jr/m+E4KeD7eKhdUHa cSUoFGFjvpOLphMQGidhFdHyFmwgIFHWv3QaVUxNgSKNDEuYaItHHNMfNuh8b7Sb jgk8cWC1+UlGdU+uC4Kf/zVtfgwygqXoyLBIoSPIbYm3LQ4yRTcOM58LV6iMUpTK 7HMHiYEIyCVfO+K/1plNIIO1bX7kskMKQIQBtyL0mzeN5qvpMse6xwlzwe8v/Hp6 kSfcdW46+xRkJQz9PjuPd1lKXwjugsBGPYD3zuKZUWCl1mIfaw== =PLa5 -----END PGP PUBLIC KEY BLOCK-----

Or just go here http://grams7enufi7jmdl.onion/infodesk/vendor/0xE16207516682AB28

EVERYONE WHO ORDERED FROM OR ENGAGED WITH THESE ACCOUNTS CLEAN HOUSE, EVERYONE WHO READS THIS REPORT ALL THESE VENDORS AS SOON AS YOU READ THIS, DREAM IS ALREADY WARNED BUT TO SPEED UP THE PROCESS PLEASE TAKE A MINUTE AND SAVE SOME PEOPLE.

EDIT: rxchemist has just changed his pgpkey but the stupid fuck isn't smart enough to realize grams still shows the policekey he had just an hour ago. http://grams7enufi7jmdl.onion/infodesk/vendor/0xE16207516682AB28

EDIT: IF Grams Admin can check when these keys where crawled we would know more about the keys that have been changed to the regular ones. I can say with 100% accuracy that the vendor: rxchemics had the DNP key listed a few hours ago, now it shows another key.


Comments


[153 Points] part_of_it:

Guys, I am one of those vendors. I can clearly say that (at least) my account was seized by dutch LE. I think they came on it through my sillyness using same password on hansamarket. All my informations got changed during the night they took hansamarket offline. I tried to get the account banned, so no one would be able to order anymore, but as I have to realize as a vendor in this situation you can't expect any help from dreammarket. I've reported multiple times and did some posts on the forum. The fact that there are 16 seized accounts on a market place and most of the community does know about it while dream isn't neither helping the original vendors nor the clients is horrible.

I don't think dreammarket itself is compromised, I only think the LE is trying to fuck the rest out of this community by using log-in informations from other markets. I advise even every vendor and client that was on hansamarket active to change all his passwords and pgp-keys. They will try to get in everywhere they can!


[45 Points] silky_toss:

To be fair, this is not new info. Someone else said this a few days ago, and I verified it via grams.

Proof: https://www.reddit.com/r/DarkNetMarkets/comments/6oh9pj/dream_compromised/dkhon5q/?context=3

However, there are many more vendors on that list now. There were only like 4 a few days ago.

P.S how fucking lazy of the Dutch Police to name the damn key "Dutch National Police". Are they retarded?


[14 Points] wombat2combat:

checking the vendors now.

rxchemist seems to have the same public key on dream [http://lchudifyeqm4ldjj.onion/contactMember?member=rxchemist ] as the ones that are listed on grams http://grams7enufi7jmdl.onion/infodesk/vendor/0x36A55B2E7C89C783

never-mind the one key unprocessed was the dutch national police one I still had imported. probably will make an announcement soon after checking more vendors.

some have the dnp key, some not. testing a bit more.

op: please put a blank line after each vendor name for better formatting


[12 Points] decadin:

Well holy shit

Good looking out OP


[5 Points] Jay-__:

/u/DHL-1 DrPoseidon is also on your market.


[5 Points] sharpshooter789:

The more reports I see about Dream, the less likely I believe it's actually compromised.

When LE controlled Hansa they shut it down because they couldn't handle the massive volume of new users. Dream did not do this. Instead they are trying to make more money despite lacking sufficient resources to handle to incoming masses. As a result, the entire infrastructure appears to be collapsing. Scaling a black market like this is very difficult. Not only do they have to obtain computing resources anonymously they have to recruit staff to handle disputes. I would imagine obtaining the staff is the most difficult part. I can't think of any means of ensuring the applicants are not LE.

Consequently, I still do not think it is wise to use dream. If the operator has any brains he should quit whiles he's ahead. The market has been in operation forever and now LE can focus all their efforts on shutting it down since it's the largest market. If speedsteper does decide to call it quits I would imagine an exit scam.


[7 Points] chainer3000:

Weren't many of these accounts already named as compromised/identified by LE? They also listed some buyer accounts but fuzzed the names


[5 Points] iHateBeingSeized:

How the fuck are vendors to lazy to create multiple passwords. It's not that big of a problem if buyers do that cause they only danger themselfs by doing so. But a vendor using one pw for multiple accs is jeopardizing all of his customers + himself. I simply cannot understand how people are not willing to spend a few minutes to step up their opsec.


[4 Points] gqgctrwv:

How could they name it Dutch National Police? What the fuck? When you import the key, it's obviously going to tell you it's the Dutch National Police. Seriously, what the fuck? Can someone please explain?


[3 Points] mjmedstarved:

oh fek


[3 Points] ca2co3:

Stellar work! Thanks for posting, this is absolutely remarkable isn't it? They are so blatant and amateur sometimes yet I guarantee you many people fell for it.


[3 Points] thenorm123:

How did they get into the accounts assuming 2fa was activated?


[3 Points] steamboi1337:

you for sure just did not send them encrypted information about your computer localization ( PGP ) GPS)


[3 Points] shennagigans:

/r/pgpdatabase is probably what vendors should be using..


[2 Points] throwaway2343320:

Throwaway for obvious reasons, I made an order with one of these vendors yesterday and have since cancelled it. The order was placed for about 12 hours before cancelling during which time the vendor (or more likely LE) did not log on, do you think my address is compromised? or did I get lucky?


[2 Points] mrmcepic69:

Fuck Dream


[2 Points] None:

[deleted]


[2 Points] weoll88:

can confirm DutchCandyShop is LE


[1 Points] AutoModerator:

To format PGP encrypted messages, signed messages or keys properly on reddit please follow these instructions.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.


[1 Points] granturitoxx:

yikes ... thats not good


[1 Points] midnightmodders:

Hmm used MarcoPolo420 PGP on Hansa about 2 days before it went down and his Pgp was still the same and created in 2016 so I think I dodged a bullet lol


[1 Points] PM_UR_DNM_TAKEDOWNS:

Anyone that still using Dream at this point, seriously doesn't care about their opsec.


[1 Points] MT_Merchant_Mangler:

The Feds say our name hot like when the oven on.


[1 Points] Safetyne:

Can someone check meerkovo for me or direct me to grams ? Please lol


[1 Points] flippyflopped:

If Dream doesn't do something about this then we can just assume the market itself is compromised.


[1 Points] Sevenpool:

Can I place an order using my neighbor I hate's address


[1 Points] DNMTiger:

KindOdua has also had his changed twice once to dutch police and again to just his name and through contact w his real pgp he calims he did not change it or create any new pgps


[1 Points] DrPoseidonShop:

Could you please remove my name from the List? (DrPoseidon). My account on dream is since over 1 Month inactive and secured by admins.


[1 Points] DrPoseidonShop:

Could you please remove my name from the List? (DrPoseidon). My account on dream is since over 1 Month inactive and secured by admins.


[1 Points] ricegum2301:

does anybody know if P has been compromised ? I don't want to the vendors full name but if you have used them before then you should know who I'm talking about . I haven't bought from him since alphaybay.


[0 Points] Just4theDrama:

Thanks for summarize. Hopefully Helps some poor Souls. As sure they will it More secretly from Now On. So it's good to have those names already

Anyway I would Not recommend using Dream at the moment. To many bad signs and at the end better to Be paranoid than facing serious possible life changing consequences depending on the country/state you are in


[0 Points] Imightbenormal:

Idiots... Fools!

How can people learn?


[0 Points] Coolbreazzz:

Yea that's him I can never think how to spell is name but thought it would come up tjp. So he's same dude as far as info goes?


[0 Points] PnwOB:

They wouldn't have gotten compromised if they used OpenBazaar.

/r/OpenBazaarFraudStores


[-1 Points] MockinBirdX:

I really thinks thats a scam: https://www.reddit.com/r/DarkNetMarkets/comments/6p8hoz/dream_market_forums/

They do want to change onion adress?


[-2 Points] MockinBirdX:

This looks more like a scam not Fed. Leo would not be this stupid.


[-4 Points] urAdumbnigger:

Burn house... Move 3 Belize. Toss pc in ocean on way or by lube go 2 prison