Yesterday Europol announced the FBI, the DEA and the Dutch National Police have cooperated on a massive investigation aimed at shutting down AlphaBay and Hansa. Now rumors are spreading that the third largest illegal dark web marketplace, Dream Market, has also been compromised by authorities.
Concerned Redditors have discovered a non-encrypted (‘clearnet‘) IP address in Dream’s source code, which many users are interpreting as a sign that law enforcement agencies might have taken over control of the market and are now actively monitoring the platform.
In the meantime, users are still debating whether the concern is indeed validated. According to several posters, the visible clearnet IP in the source code has been there for at least nine months. Some Reddit sleuths have even been able to trace back the address to Swedish hosting company Speedstepper.
Still, some agitated users are arguing that, regardless of the date, displaying an IP address publicly is not an expected behavior on the dark web. As the more paranoid of posters have pointed out, simple mistakes like these have often paved the fall of other popular illegal dark web markets in the past.
The unconfirmed hypothesis is that publicly available IP addresses are a vulnerability that leaves Dream’s data centers worryingly exposed. This makes it easier for law enforcement to locate the servers and gain full control of them without the knowledge of vendors and buyers.
In fact, this is the exact same strategy Dutch police employed to take over Hansa.
What makes Dream a perfect target for authorities is that, in the absence of AlphaBay and Hansa, dark web drug sellers and buyers are most likely to migrate to Dream.
For more context, yesterday Dutch Police shared that following the shutdown of AlphaBay, Hansa saw an eight-fold increase in daily active vendors – from 1,000 to 8,000. The same pattern is likely to repeat in the case of Dream.
More than a week before the news that Hansa has been infiltrated by police came out, a Redditor going by the moniker luckyduckquack posted a thread warning users against this possibility: Nobody paid attention to the thread until it was already too late.
Earlier today luckyduckquack was back with another warning:
So in case you happen to frequent Dream for your illegal merch needs, I’d trust the messenger this time around – at least out of caution.