According to Naked Security, a few Dream market vendors apparently reused their credentials from busted marketplaces such as Hansa, and didn’t enable two-factor authentication (2FA) on their accounts, meaning police easily got control of their accounts, and effectively locked them out.
According to a researcher, at least 16 different darknet vendors have been compromised because they reused passwords. All authorities had to do was reuse captured credentials to access their accounts.
On the r/DarkNetMarkets subreddit, one of the vendors came forward and explained his side of the story. He stated that his account was seized by Dutch police, and that the cause was probably his “sillyness using the same password on hansamarket.” He added that “all his informations” got changed the night Hansa was taken down.
These takedowns might not be that relevant, however, as according to various users Dream market has already been compromised by law enforcement. One redditor claimed that on August 20 Dream market will be taken down by law enforcement, citing a government employee as his source.
Another user, who correctly called that Hansa was under law enforcement control, also stated that Dream market has been compromised. He stated:
This is a warning you will want to heed. Dream has been under the control of law enforcement for some time now. Within the next couple of weeks you will see a seizure notice. They are waiting to gather as many refugees from AB & Hansa as they can and then drop the hammer.
As reported by CCN, two of darknet’s biggest marketplaces were taken down in July, after two global law enforcement operations. AlphaBay, the biggest one, got taken down in an operation dubbed “Bayonet”, in which authorities raided its servers in Canada and the U.S., and arrested its admin Alexander Cazes in Thailand. Cazes, a Canadian national, was later found dead in his cell.
After AlphaBay was taken down, users flocked to other darknet marketplaces, including Hansa and Dream market. Hansa, as it was later found out, had been under law enforcement control even before AlphaBay was taken down. Dutch police located market infrastructure in the Netherlands, arrested two of its admins in Germany, seized Hansa’s servers, and then created an exact copy of the marketplace.
This allowed authorities to gather information on various users, leading to the arrest of those who did not use proper encryption while using these marketplaces.
During a press briefing at the Department of Justice (DOJ), U.S. Attorney General Jeff Sessions addressed these takedowns and notably warned darknet market users, stating:
This case, pursued by dedicated agents and prosecutors, says you are not safe. You cannot hide. We will find you, dismantle your organization and network. And we will prosecute you.
Featured image from Shutterstock.