Update: Dread Downtime and Upgrades
~3 min read | Published on 2019-09-24, tagged Dread using 747 words.
Dread, the top darkweb forum, has been offline for days, leaving users wondering about the future of the site and the status of the forum’s admin. After several days of silence, the admin—HugBunter—added a notice to the Dread landing page about the downtime and a number of updates to the platform.Dread Downtime
Although Dread went down several times in June and July this year as a result of a series of denial of service attacks, the forum stayed online for the majority of the month of August and the beginning of September. Downtimes usually lasted less than a day. And almost every time Dread went down, HugBunter would post a message to the subreddit created for letting users know about downtimes and maintenance. It briefly went down on September 14 and again on September 18. HugBunter notified users of the downtimes and brought the site back online within a few hours of the /r/DreadAlert posts.
Not long after HugBunter had brought Dread up on September 18, the site became inaccessible to users and has remained inaccessible for a number of days. As of publication, Dread has been down for six days (using a Tweet from DarkDotFail as a reference point). We finally know something about the downtime; HugBunter updated the generic “Down for Maintenance” page with a signed message that explained the purpose of the downtime and served as a proof of life.
Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.
The message highlights stability in the context of the recent influx of Dread users. A record number of users have subscribed to the Dread subdread (similar to a default subreddit). In the most recent /r/DreadAlert post, HugBunter also mentioned that he was dealing with a “scalability issue.” He is likely dealing with the same issue right now.
Spammers have also scaled their operations to match the Dread user-base. Accounts similar to bot accounts on Twitter have been posting nonsensical gibberish on any post about a hot topic on Dread, such as comments about Dread itself, various marketplaces, and even DarkDotFail. The posts—recognizable by anyone as obvious spam—usually promote one site and make absurd claims only convincing enough for the least intuitive tabloid editors. These spammers have been submitting a dozen or more of the same comments on some posts.
The spam has been only a minor inconvenience to Dread users but has likely kept Dread mods fairly busy. The phishers have somehow continued to steal funds from the users of at least one market.
HugBunter’s update to Dread will likely deal with both the rampant phishing and annoying spam comments in addition to the scalablity issues mentioned in the update as well as the most recent /r/DreadAlert post.
The signature is valid. HugBunter’s key is available here (darknetlive) or here (DarkDotFail).
This post will be updated once Dread comes back online.
The Signed Message -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAl2IpgkACgkQ6GEFEPmm6SKAzQ//bHDUegdtInNBWtDhIKTl9BizmCFC6L555YAdk73nq6FbcMx8WRXmFtvnv48yaxz6MdK2rbMKTIuLwZJH7ytvBIthpOwAJUmaOdnB9fTbyxjXkYym8VxceRVSvZVhYB21BUVICec01x5gJGIFzLUaVpPvdlyrg6oBjppeYxqfQPe8oQT47h3ugGyw/Dh/8UT4dib09U5FYjExzK5JQYZxroFiknSiDkoUC5a+Rr77xD7Sr9gmkWACeU3rfrVn0JA0oPmGBOLLbYRh+ejQHISec9jk5D5Orq3lQVjNBAaCK2CsBKZbsC3wrIv3kdfFeHvwkQzk7cjjR5saHJRYGVXRysNPIjRHCE9jX4IiuBxgTLYOvntHOEsa76WKv53T6mUzd8ceLwlC0ITgMQHnBxA1kmOKyrxm8yM8ufyy2zqkUPVFSZo6LLUr0xTJwxfb0oTkdsjfPgSJK1K+kJARq7ImBch9vd/fimNBFnFmaYcJD7YLJ9RJYQnYA2Dm5QTaTZhdv/aD261OHvtIWMOQSsl/S7bhxZx9z41x1+t+/riz0SYpB/WXDF1LxzhWa1ewX+BixAwciiSKueg35t07qe2ImFLZO98H9Xs4UNKhZNV8By4hLoiJStjNIdKgG/qggxpaoE7ltR6RmMC3ImJ/a9PwaJxWgZfRLg1h682tNK5NxW8==2R+j-----END PGP SIGNATURE-----
HugBunter’s PGP Key -----BEGIN PGP PUBLIC KEY BLOCK-----mQINBFnJVGQBEAC8qfs1mLpDahTWBqKoj8rlwpaEXj8P0n0aOvmyBi9ZPArghGq18Smf03RAWPmMfueTQ8y2uxX3AwbOzmmgdT8cLSqTbmSWHAMRvyY+j2psYO8taqr8qQY+AJORJxflHOR1hL2IB+TwrqovbQO1p2y4MQZc6xBWjCSHWG98TsPtorYD84ZDT+34SYqVgzu6Q0nVtew9SM5rk/vpU5boFpRq2/RP6sxNgWDt5qrdlDQdbUCv9Vv7OQM0KvOzfwusWxwDTuW1hsrzgFJ3k6Gh2nBzk/MNbO1ZagsnjWGXRTFVBpPfAasn9vYwCE2L+iiYTrvy42aqj+mUy5PyhXQP2UNTvQLx1nU0Ql2TXSZjjv5rSK6Do+6/Idy+xjYBQC0Tx2e9WMSCZWpQJJWyHsOdiQSVDe2UT9AnRCEpnUWckiVDFRFDgYaV5/lR+oA3hbjmHLadVNgDOKhkdV4GFXuJ/w7ICTBWbZAAPj+E8NcBLwYjc5gg13b2f53sM4P8j4cafluf6aptORF0drqWtRbYjVMmqKZ8LSWjqSjYi6PzO2jOAcOJeqW0hQQFxdh2PQ8mUixXjN3XNtOBw6ItuIB/eVobSrzw7Jr9sjTWS4g4b2XkPCEGJZg9dFt90uBAsw60m9SwIkAGKh/8uoauX48OfF6kQe+u+YUJwU3uiFQQyChsbQARAQABtC9IdWdCdW50ZXIgPGh1Z2J1bnRlckBqYWJiZXIuY2FseXhpbnN0aXR1dGUub3JnPokCTgQTAQoAOBYhBGEzrOH0uHxR2/P+pehhBRD5pukiBQJZyVRkAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEOhhBRD5puki//MP/A+VI5cHWr7TzqffXM8wGLSJXdeJ664+003IVOuoxK3mgSPrZQ35fkY77MSHXt3BqrZrL3DeG5L3p5ZA00U3+yX+OZP2S1FchaPUx1YwsUo+k49eLXrqmlw3KUwKOLeiB+UrOPrQpCwQWtp2WV5Ar5SlwUBAQtdtzWgc3jezr7YnpnBy2l5E0UU4RWYo1ZpPbufxSnuWL6+VV3SJs7LsTSOP4dZ723/7saQH5Tt0+WTlHRd2LOuFYUMYcSizC6vD+78YDmvRFsjnKUMfknU52gRfzz33TQd9biXhbkcm3HS0fCU8Wg8sA7fOjFBg/NL8L1sO62xp1/h8M+R4isgZ4plhbCi5QBtR1cTpLWc/xy6PHUekd9LeGVK8rM3O5tFkYtOM4Nk8Jm/WBbxNn9sDIy45jUzeRBzjN0UzyGBdirF9v519arosjcRxjxiYPfqFk9H1SBWVBvYDbB/sfS+qhNiCXe2d3HyV6oH9m8iW8shAStuSEZd4bLTBkYSzPI1T+FW2S1038rqDs65LcojOyCnw9zfVR7DPZLZieizaDIn2uLlR9nDQVzpo3VVAJLiooHyUwC0H3oSs9hL5pSK9HPK65Ps5rloJy8KCBTO8DcdcNLa1v/dALXVEzDkoVkYdFR8V6yXvXN1PIZqXkf0bMWAGLbW/QvPBL6YzpivKKG49uQINBFnJVGQBEACW9ir6AbRxwsGu6ivOzBtqV8ohnzlhGnpPjdgGiYtvUrj+tosXJ/D1Jf5CQhLDxNeLvIGf3m/5xQvtzVxc7vXSPXhg+GAZBETji76i9ePwMwYLN0T6nTyVQ6FcpYqBl6WLRFCHZXLa/eUqvcvZFdr+a3BI1q6SZsbnnEqKjqUz1oWMRLIUlYLJfxsoeBg7c81lPH7Sy9goZ86kAk1BwvhLC5hICkR/pC9pg9/85YF3kG+lboGxLZHyu9FC84D4YqJB5Jljf8A3ISzxJdw8repSJb1k6lr7OdR7LDmEzEiJPN9Co+2TqH01yQUok8ezGVDwk1aU6IRnXp1ZHiyXMOJyX1T6+wbrEtJmfijX6o73m/U1RkS099kg5f/rxMORzIYMsWHxHBqJR56Gpdr7+DtapTRsrtaw1GXGa1LaZP6EVDYd9FAhDUQbYLxCWkJPAZKWgjA3tLPsMgpN0j/Vl5kkjvz+/L2L72Bu2L03TzxWw1DPA0+Ot3ST4SnLg7GDpIkWKR58S5TcUbGhR4rsRlBUQ6s2PQIfO6tAOLsaoW7m6mpu75dvtAu3PzMW7Z8i62aRbVb8H/eBlIqioXCGSnBnfJgmGHumH6tYRwnDFCLkXOVT0QPPAYsyxMR90ygDgxmbjMUyvlvZ3J7WYX6SGMrT+cGo/NK38PlJh13XxAjIXwARAQABiQI2BBgBCgAgFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAlnJVGQCGwwACgkQ6GEFEPmm6SJZVg/9FVp4TgXwu02tX2zBRXd08dQLwr4pWFijjKID+6oGlA3Ynu4sY9lz3Jl3FHe+Jg30WqO3BhFXDsdvtHHe6clK02811KqE2DhUAVgw5bWlwDzWg1p9p0zcpc2oszMcUD98moqYs8BPRLpJL8FY2HIwLgf1d6FWqfJWzqSeQLwnTk2TY8JdOIHiNQyGO3iVvDbTwNiSD4uX4ED275G608MOaS7Sy7ApZZ0cC75D/DpVJHX2xZax++x6ybG+MQTv9R4PX/T/tBBT58xtZAXPbml+K9VZ0glHkAVjFnRk+I4EhkT7677wVB97j6Mw+8dSiUVPsXqXViM9KJqRhzZ52bt4jugEBHT0voZgkFBbljvBJomPLo77H9tIkoG6EJpmLQoJy7D8CKhsa2KZsVRGTphYDIOj0GyjrBZVYJ+Ie2jUu3Zkf30WQxlSjr2FzTS2qlsbUEduJ6eOKO/FnhdswzSDQMu2DqIagp7bM4EIyG06P60FypcwiALCB8HdJyrV3Ih2X/AgZFUQ89pAfPI8+7+hvZd00ClGbWjYY6scPu6wWKYqBQVItpCREwAhDBvDNDdPq1jV8TMjU1D3tnSAf+IOibk6bZ09JHT72Xx0//iREagtyMr8gfBZxVfD/DBNUqTWWYkWWTTOpqspJvE/I7vV7AbUmiof+9k+iQYsg+3PfFo==FkeJ-----END PGP PUBLIC KEY BLOCK-----
Although Dread went down several times in June and July this year as a result of a series of denial of service attacks, the forum stayed online for the majority of the month of August and the beginning of September. Downtimes usually lasted less than a day. And almost every time Dread went down, HugBunter would post a message to the subreddit created for letting users know about downtimes and maintenance. It briefly went down on September 14 and again on September 18. HugBunter notified users of the downtimes and brought the site back online within a few hours of the /r/DreadAlert posts.
A Screenshot of /r/DreadAlert Posts
Not long after HugBunter had brought Dread up on September 18, the site became inaccessible to users and has remained inaccessible for a number of days. As of publication, Dread has been down for six days (using a Tweet from DarkDotFail as a reference point). We finally know something about the downtime; HugBunter updated the generic “Down for Maintenance” page with a signed message that explained the purpose of the downtime and served as a proof of life.
DarkDotFail's Tweet About the Downtime
Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.
The Updated Dowtime Message on Dread
The message highlights stability in the context of the recent influx of Dread users. A record number of users have subscribed to the Dread subdread (similar to a default subreddit). In the most recent /r/DreadAlert post, HugBunter also mentioned that he was dealing with a “scalability issue.” He is likely dealing with the same issue right now.
The September 18 Downtime Post on DreadAlert
Dread is an increasingly popular spot for phishers to spread fake links to Empire Market and DarkDotFail. The influx of new users has only increased the number of targets for these phishers and encouraged them to increase the scale of their own operations. Almost every post on the Empire Market subdread had at least one comment with links to fake versions of Empire Market or DarkDotFail. The same comments spread to other popular subdreads as well.Spammers have also scaled their operations to match the Dread user-base. Accounts similar to bot accounts on Twitter have been posting nonsensical gibberish on any post about a hot topic on Dread, such as comments about Dread itself, various marketplaces, and even DarkDotFail. The posts—recognizable by anyone as obvious spam—usually promote one site and make absurd claims only convincing enough for the least intuitive tabloid editors. These spammers have been submitting a dozen or more of the same comments on some posts.
Similar Spam and Phishing Links on the DreadAlert Subreddit
The spam has been only a minor inconvenience to Dread users but has likely kept Dread mods fairly busy. The phishers have somehow continued to steal funds from the users of at least one market.
HugBunter’s update to Dread will likely deal with both the rampant phishing and annoying spam comments in addition to the scalablity issues mentioned in the update as well as the most recent /r/DreadAlert post.
The signature is valid. HugBunter’s key is available here (darknetlive) or here (DarkDotFail).
This post will be updated once Dread comes back online.
The Signed Message -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAl2IpgkACgkQ6GEFEPmm6SKAzQ//bHDUegdtInNBWtDhIKTl9BizmCFC6L555YAdk73nq6FbcMx8WRXmFtvnv48yaxz6MdK2rbMKTIuLwZJH7ytvBIthpOwAJUmaOdnB9fTbyxjXkYym8VxceRVSvZVhYB21BUVICec01x5gJGIFzLUaVpPvdlyrg6oBjppeYxqfQPe8oQT47h3ugGyw/Dh/8UT4dib09U5FYjExzK5JQYZxroFiknSiDkoUC5a+Rr77xD7Sr9gmkWACeU3rfrVn0JA0oPmGBOLLbYRh+ejQHISec9jk5D5Orq3lQVjNBAaCK2CsBKZbsC3wrIv3kdfFeHvwkQzk7cjjR5saHJRYGVXRysNPIjRHCE9jX4IiuBxgTLYOvntHOEsa76WKv53T6mUzd8ceLwlC0ITgMQHnBxA1kmOKyrxm8yM8ufyy2zqkUPVFSZo6LLUr0xTJwxfb0oTkdsjfPgSJK1K+kJARq7ImBch9vd/fimNBFnFmaYcJD7YLJ9RJYQnYA2Dm5QTaTZhdv/aD261OHvtIWMOQSsl/S7bhxZx9z41x1+t+/riz0SYpB/WXDF1LxzhWa1ewX+BixAwciiSKueg35t07qe2ImFLZO98H9Xs4UNKhZNV8By4hLoiJStjNIdKgG/qggxpaoE7ltR6RmMC3ImJ/a9PwaJxWgZfRLg1h682tNK5NxW8==2R+j-----END PGP SIGNATURE-----
HugBunter’s PGP Key -----BEGIN PGP PUBLIC KEY BLOCK-----mQINBFnJVGQBEAC8qfs1mLpDahTWBqKoj8rlwpaEXj8P0n0aOvmyBi9ZPArghGq18Smf03RAWPmMfueTQ8y2uxX3AwbOzmmgdT8cLSqTbmSWHAMRvyY+j2psYO8taqr8qQY+AJORJxflHOR1hL2IB+TwrqovbQO1p2y4MQZc6xBWjCSHWG98TsPtorYD84ZDT+34SYqVgzu6Q0nVtew9SM5rk/vpU5boFpRq2/RP6sxNgWDt5qrdlDQdbUCv9Vv7OQM0KvOzfwusWxwDTuW1hsrzgFJ3k6Gh2nBzk/MNbO1ZagsnjWGXRTFVBpPfAasn9vYwCE2L+iiYTrvy42aqj+mUy5PyhXQP2UNTvQLx1nU0Ql2TXSZjjv5rSK6Do+6/Idy+xjYBQC0Tx2e9WMSCZWpQJJWyHsOdiQSVDe2UT9AnRCEpnUWckiVDFRFDgYaV5/lR+oA3hbjmHLadVNgDOKhkdV4GFXuJ/w7ICTBWbZAAPj+E8NcBLwYjc5gg13b2f53sM4P8j4cafluf6aptORF0drqWtRbYjVMmqKZ8LSWjqSjYi6PzO2jOAcOJeqW0hQQFxdh2PQ8mUixXjN3XNtOBw6ItuIB/eVobSrzw7Jr9sjTWS4g4b2XkPCEGJZg9dFt90uBAsw60m9SwIkAGKh/8uoauX48OfF6kQe+u+YUJwU3uiFQQyChsbQARAQABtC9IdWdCdW50ZXIgPGh1Z2J1bnRlckBqYWJiZXIuY2FseXhpbnN0aXR1dGUub3JnPokCTgQTAQoAOBYhBGEzrOH0uHxR2/P+pehhBRD5pukiBQJZyVRkAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEOhhBRD5puki//MP/A+VI5cHWr7TzqffXM8wGLSJXdeJ664+003IVOuoxK3mgSPrZQ35fkY77MSHXt3BqrZrL3DeG5L3p5ZA00U3+yX+OZP2S1FchaPUx1YwsUo+k49eLXrqmlw3KUwKOLeiB+UrOPrQpCwQWtp2WV5Ar5SlwUBAQtdtzWgc3jezr7YnpnBy2l5E0UU4RWYo1ZpPbufxSnuWL6+VV3SJs7LsTSOP4dZ723/7saQH5Tt0+WTlHRd2LOuFYUMYcSizC6vD+78YDmvRFsjnKUMfknU52gRfzz33TQd9biXhbkcm3HS0fCU8Wg8sA7fOjFBg/NL8L1sO62xp1/h8M+R4isgZ4plhbCi5QBtR1cTpLWc/xy6PHUekd9LeGVK8rM3O5tFkYtOM4Nk8Jm/WBbxNn9sDIy45jUzeRBzjN0UzyGBdirF9v519arosjcRxjxiYPfqFk9H1SBWVBvYDbB/sfS+qhNiCXe2d3HyV6oH9m8iW8shAStuSEZd4bLTBkYSzPI1T+FW2S1038rqDs65LcojOyCnw9zfVR7DPZLZieizaDIn2uLlR9nDQVzpo3VVAJLiooHyUwC0H3oSs9hL5pSK9HPK65Ps5rloJy8KCBTO8DcdcNLa1v/dALXVEzDkoVkYdFR8V6yXvXN1PIZqXkf0bMWAGLbW/QvPBL6YzpivKKG49uQINBFnJVGQBEACW9ir6AbRxwsGu6ivOzBtqV8ohnzlhGnpPjdgGiYtvUrj+tosXJ/D1Jf5CQhLDxNeLvIGf3m/5xQvtzVxc7vXSPXhg+GAZBETji76i9ePwMwYLN0T6nTyVQ6FcpYqBl6WLRFCHZXLa/eUqvcvZFdr+a3BI1q6SZsbnnEqKjqUz1oWMRLIUlYLJfxsoeBg7c81lPH7Sy9goZ86kAk1BwvhLC5hICkR/pC9pg9/85YF3kG+lboGxLZHyu9FC84D4YqJB5Jljf8A3ISzxJdw8repSJb1k6lr7OdR7LDmEzEiJPN9Co+2TqH01yQUok8ezGVDwk1aU6IRnXp1ZHiyXMOJyX1T6+wbrEtJmfijX6o73m/U1RkS099kg5f/rxMORzIYMsWHxHBqJR56Gpdr7+DtapTRsrtaw1GXGa1LaZP6EVDYd9FAhDUQbYLxCWkJPAZKWgjA3tLPsMgpN0j/Vl5kkjvz+/L2L72Bu2L03TzxWw1DPA0+Ot3ST4SnLg7GDpIkWKR58S5TcUbGhR4rsRlBUQ6s2PQIfO6tAOLsaoW7m6mpu75dvtAu3PzMW7Z8i62aRbVb8H/eBlIqioXCGSnBnfJgmGHumH6tYRwnDFCLkXOVT0QPPAYsyxMR90ygDgxmbjMUyvlvZ3J7WYX6SGMrT+cGo/NK38PlJh13XxAjIXwARAQABiQI2BBgBCgAgFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAlnJVGQCGwwACgkQ6GEFEPmm6SJZVg/9FVp4TgXwu02tX2zBRXd08dQLwr4pWFijjKID+6oGlA3Ynu4sY9lz3Jl3FHe+Jg30WqO3BhFXDsdvtHHe6clK02811KqE2DhUAVgw5bWlwDzWg1p9p0zcpc2oszMcUD98moqYs8BPRLpJL8FY2HIwLgf1d6FWqfJWzqSeQLwnTk2TY8JdOIHiNQyGO3iVvDbTwNiSD4uX4ED275G608MOaS7Sy7ApZZ0cC75D/DpVJHX2xZax++x6ybG+MQTv9R4PX/T/tBBT58xtZAXPbml+K9VZ0glHkAVjFnRk+I4EhkT7677wVB97j6Mw+8dSiUVPsXqXViM9KJqRhzZ52bt4jugEBHT0voZgkFBbljvBJomPLo77H9tIkoG6EJpmLQoJy7D8CKhsa2KZsVRGTphYDIOj0GyjrBZVYJ+Ie2jUu3Zkf30WQxlSjr2FzTS2qlsbUEduJ6eOKO/FnhdswzSDQMu2DqIagp7bM4EIyG06P60FypcwiALCB8HdJyrV3Ih2X/AgZFUQ89pAfPI8+7+hvZd00ClGbWjYY6scPu6wWKYqBQVItpCREwAhDBvDNDdPq1jV8TMjU1D3tnSAf+IOibk6bZ09JHT72Xx0//iREagtyMr8gfBZxVfD/DBNUqTWWYkWWTTOpqspJvE/I7vV7AbUmiof+9k+iQYsg+3PfFo==FkeJ-----END PGP PUBLIC KEY BLOCK-----
