Unsorted Notes About the RCMP's AlwaysOverWeight Case

On February 13, the Royal Canadian Mounted Police announced the arrest of three suspects as part of an ongoing investigation into the darkweb vendor AlwaysOverWeight. However, online, there is a growing belief that the RCMP incorrectly identified the suspected drug dealers.

This post concerns the contents of the RCMP’s press release about the investigation into AlwaysOverWeight and is not likely of interest to the majority of readers.

After the announcement, AlwaysOverWeight (aka AlwaysOvrWeight/AO) emailed the public email address for Darknetlive. The emails contained signed messages as well as demands that Darknetlive remove the article. These emails carried very little weight at the time. If law enforcement had obtained the credentials to AO’s computers and accounts, they could have sent an email from AO’s listed email address and signed messages with AO’s listed PGP key. Regardless, here is the most recently signed message from AO:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

AlwaysOverweight
-----BEGIN PGP SIGNATURE-----


iQIzBAEBCAAdFiEECJTixOJNFgMoshZ2B0MGeSIE8xkFAl5TAaAACgkQB0MGeSIE
8xkJ5A//cgVtMHEB4qPwgmIzHnhiXtOKECTYyiImYgoy5NYeY5669MGo4opOUWzg
nf9lxOz6XXu3hgVCu4RLEhk8wqiMeEEbCDYNd896CbuXKkoxIW9KL2Msc/bPZQaX
BNNPMhZe4R6hs8JnblIr49tK8KiuxBb/HbgIXnyzo+lZMuTZHnuqcIsVJwB4qyxa
18WmYJITxXZPjpMwT54HP0+Gnqt7wKmpVQfe/EbD000VchvQBCPaTZs+2unbs9Lo
9RATQf17Eql8WuscUspdiVqa7h00ZcTMOJH6rqf8vLCCn5Y11fNfwWVs3TYFKz4O
qnayD4Z3VNYv1YkhRLoLYcCEIDTSvyL9yLXdSGpIHkE3DG4xVzLsjNB/rqrGmLZ3
0fh+AgbczoDJdB4a060uimj/eJKmmsermyBsEGywPcvgTYBh/WE9dTzHQzfgj6tP
wqluaMFDz3/VDJW3ZtJgEOoAOUZHF6a2O+Cp4WTbuOOfaVKU8/BSg7r8PsFml+C/
oRa/P1hXoPiEAdZRDiVtm2yBcfZrP10ZpTt7fxcfZS4TjwvncWJn4B/Yn9tHTN44
pH14YinSGqG1Yh/5OU1OyykOUtBrz7d0N7rbk1+2dJ6U17ATLnKL7lFf07cb9h5S
O25UqfthMNkNecUymYFm1QBkhxTWpIv9RSWAzBwmbQPEhNMZt/4=
=vGTK

-----END PGP SIGNATURE-----

The entire situation is unusual and difficult to understand. But there are some pieces of information that stand out and are worth considering. Also, the RCMP provided no additional information and directed me back to the announcement. So there are no official updates.

The Press Release

The RCMP’s press release is intentionally vague. Relevant sections are below.

Earlier this month, officers from the RCMP Federal Serious and Organized Crime (FSOC) executed search warrants at two residences, arrested three people and located and dismantled a gamma hydroxybutyrate (GHB) processing lab as a result of a year-long investigation into dark web drug trafficking in Nanaimo, BC.

In January 2019, RCMP FSOC began project EPateriform, an investigation into online drug trafficking using the dark web and bitcoin exchanges. The project targeted a prolific dark web vendor known as AlwaysOvrWeight. Using conventional and non-conventional techniques, RCMP FSOC narrowed the dark web vendor’s location to Nanaimo BC. RCMP FSOC determined AlwaysOvrWeight was also using encrypted communications to traffic drugs online as bcpremo88.

Drugs seized during the raid |  RCMP

Drugs seized during the raid | RCMP

Over the course of the exhaustive, year-long investigation, investigators gathered evidence to support allegations that AlwaysOvrWeight was facilitating the online sale and shipment of a wide variety of drugs including cocaine, heroin, methamphetamine, GHB, psilocybin (mushrooms), ketamine and fentanyl to Canadians. The investigators also gathered evidence to identify persons working behind the AlwaysOrvWeight moniker.

On February 04, 2020 RCMP FSOC, with the assistance of RCMP Federal Clandestine Laboratory Enforcement and Response Team (CLEAR), executed a search warrant at a residence in the 3900-block of Hammond Bay Road in Nanaimo BC. A GHB processing lab along with evidence of drug packaging and trafficking, was found inside. On the same day, RCMP FSOC searched a residence in the 6100-block of Kiara Place in Nanaimo BC wherein evidence of drug trafficking using the dark web was located. Three Nanaimo residents were also arrested. No charges have yet been laid as the investigation remains on-going.

RCMP on scene along Hammond Bay Road

RCMP on scene along Hammond Bay Road


History

It is unclear why the announcement claims AO used the name “bcpremo88” for communication online. BCpremo is a completely unrelated darkweb vendor who also ships packages from Canada. BCpremo used the handle “bcpremo88” on Wickr and conducted business via Wickr. Both vendors have a somewhat similar history.

AlwaysOverweight

In early May 2019, Dread users noticed AO had entered vacation mode on Empire Market. Some assumed law enforcement had arrested AO or that AO had exit scammed. AO showed up in those threads to let customers know about some “restructuring.”

/u/AlwaysOverweight on June 3:

Dear Clients,

I do apologize for the sudden closure. The company needs some restructuring in order for it to continue to offer you a great all around service. I will be back better than ever. If your order was marked shipped then it should have gone out. Any orders that were paid for went out. No this is not an exit scam.

Thanks all of your business, each and every customer is valuable to us and we look forward to working with you in the future.

AlwaysOverweight


One of the users who had initially suspected involvement from law enforcement returned to the thread in June to let users know that AO had fulfilled his $700+ order. A Dread user on June 10:

Sad to say but I think AO is gone , busted maybe idk but I definitely dont think he ripped me off as he has no reason to but it’s a sad day for Canadian buyers to lose such a great vendor . I loved that man!

Five days later, the same user wrote the following in a thread about AO’s return:

Its all good, he got back to me and i recieved my order this friday past, and he threw in a few extra things for the wait, AO #1 vendor on dn in my opinion!

That user has not posted since June 15 and likely used their account only for the purpose of discussing AO.


BCPremo

BCPremo also found themselves at the center of similar discussions in the same subdread. One user created an account on June 1 and posted their concerns about a pack from BCPremo getting seized. Later, also on June 1, that user claimed the tracking had finally updated and that all was well. That user never returned (likely a burner account). The majority of the comments in the threads about BCPremo have been deleted. Many of the users removed their entire accounts.

Like AO, BCPremo showed up in the threads to explain their absence.

BCPremo, on June 3, responded to a now-deleted comment with the following:

Look I have sent the admins of Empire a request to get back in our site and they are being slow. If you want to cancel you r order go ahead! We are not here to scam anyone! We had a solid rep on Dream, we got scammed on WSM, we have 5 star on both Empire and Nightmare. We take care of all our customers and sell a1 PRODUCT! Once we gain access to Empire we can look into this order. We were not online on the 29th we lost access on the 24th.

BCPremo On Dread

BCPremo On Dread

They added additional detail in second comment in the same thread as the above comment. BCPremo stated they had lost the private key needed to decrypt the 2FA challenge on Nightmare Market and on Empire Market. They asked users to contact them via Wickr until they set up a new account under the name “Platinum888.”

Hello we are currently working on gaining access to our store. We lost our private key! We are setting up a new account Platinum888 both or stores of BCPremo on NIghtmare and Empire were under the same Key. Contact us via wickr in the mean time. bcpremo88

Both vendors took “breaks” at similar times in 2019. AO returned fairly normally. BCPremo returned without their PGP key but also seemingly shipped packages as if nothing had changed. Is it possible the RCMP thought both accounts belonged to the same vendor?


Present

A number of users commented on the last AO article with some insight of their own.

i have a thought

I think it was bcprem0 theyre talking about. I had an order with them when this dropped and it all went to shit. They had just recently changed their pgp key and also theyee contact on wickr. Their comma have been weird as fuck too, much differenr than ny precious orders. I also know for a fact they are based in nanaimo and ship from there. So eother you guys made a mistake, the cops did, or whoever sent the info. Im like 99% sure its BCprem0 and not alwaysovrweight. Do with that what you will, but the guys i ordered from were NOT the same as they were before.

sfgdethg

I don’t think they caught the real alwaysoverweight as i received a package from him yesterday and was communicating with him just a couple of days ago

Uhh..

I bought from him received package at the end of january so before the bust.. but everything was fine. Than I tried buying form him again but was unaware of the exit scam by apolon and AO was the one that told me apolon was exit scamming.. this was like 4 days ago after the raid so… This is confusing as fuck

There is no way of knowing if the users leaving these comments are telling the truth about their orders or contact with AO.


Marketplace Accounts

Users continued to mark transactions from AlwaysOverWeight as finalized until Empire Market banned the account (as a precautionary measure) after the RCMP announcement. The RCMP announced the raids on February 13. According to the announcement, the RCMP conducted the actual raids on February 3.

AlwaysOvrWeight on Empire Market

AlwaysOvrWeight on Empire Market

BCPremo’s old account on Empire Market was last active the day of the RCMP’s announcement. BCPremo’s more recent Empire Market account (BCPrem0) is still active and receiving feedback as of February 25.

It seems unlikely that law enforcement would continue to use either account after announcing the arrests made in connection to the case. It also seems unlikely they would make the mistake of identifying the wrong vendor in a year-long investigation. Equally strange the press release claimed AO had used the BCPremo handle online.

BCPrem0 on Empire Market

BCPrem0 on Empire Market


The release significantly downplayed the arrests.

Three Nanaimo residents were also arrested.

It mentioned the arrests in a paragraph without any references to AO or BCPremo. The press release describes two events: the investigation into AO and the raids in Nanaimo. None of the suspects were charged with any crimes as of the announcement (and no new information has been provided by the RCMP since the announcement).


The majority of the information available online does not support the theory that the RCMP arrested AlwaysOverWeight.

I have no explanation for what really happened. Best case scenario is the RCMP arrested three suspected dealers who resold drugs purchased from AO on darkweb markets and from BCPremo via Wickr. None of the suspects were arrested at the house where the RCMP discovered the GHB lab. Worst case scenario for these vendors is that the RCMP is playing 5D chess with this kind of information (or disinformation).

AO might be in control of his account. He might also be in custody and the RCMP are actively fucking with buyers.


Other Notes

AlwaysOverWeight sent three emails. The first two simply demanded the removal of the article. The third email contained actual information. All came from the appropriate email address.

AlwaysOverWeight is clearly active on Dread

AlwaysOverWeight is clearly active on Dread

A different party sent an email to the primary Darknetlive email address that made a similar demand: “Please remove all comments of people saying bcprem0 is related to the arrest and seizure of AlwaysOvrWeight.” The message came from an email address I did not recognize and the sender had encrypted the message with an outdated PGP key.

Both parties are welcome to send a signed message. Anyone from the RCMP is certainly welcome to send an email with any additional information.

24 Comments

Frosty

Tue, Feb 25, 2020

This is one hell of a story. I thought the Canucks had they geese in line.

frosty

Tue, Feb 25, 2020

impressive write-up.

Insider

Tue, Feb 25, 2020

police started spreading FUD on legit vendor cuz he is too good

8

Tue, Feb 25, 2020

AO is /u/silkroad on Empire.

It’s an undercover investigation.

ytsorF

Tue, Feb 25, 2020

i have more information.

user ‘silkroad’ on Empire is AO.

more to come.

normal guy

Tue, Feb 25, 2020

selling that many different drugs, why be greedy and also sell fentanyl too? anyone who sells fent DESERVES to get busted

Frosty

Tue, Feb 25, 2020

They didn't get him. I have been in contact with him and continue to do business with the team.

frosty da snow G

Wed, Feb 26, 2020

LOL shouldve just ditched his handle. catastrophic opsec fail

frrosty

Wed, Feb 26, 2020

AO would be busted. This is Canada its not like he would have gone to jail. He’s probably got money for bail in addition to that, house arrest at worst while awaiting to settle matters. All the details exonerating AO in this article and that he continues to use to explain how it wasnt them/him who was pinched all fluff. In reality it does not prove it wasnt him.

It only makes sense to me that he is clinging to the AO moniker so desperately so when he/they go to court, they can present all t his information from public forums of people saying they were still receiving orders, communicating, AO was still getting feedback etc. to appear as a defense. How could the persons arrested possibly be the vendor if the account was still functioning while they were briefly in custody (a few days maybe?). I think AO is confident that is enough reasonable doubt to on the charges. Sorry not buying it. If you have 3000 transactions, and your private key, remake your accounts and verify your past credibility with the old key. Hell, make a new subkey from the original one but ditch the fucking name. It was in the paper, why the hell would you want any thing like that near you. I wouid never order from a vendor again if I saw their name on the RCMP websire and couldnt bother to let it go. No fucking chance. A specialized RCMP task force who’s prime objective for the past year has been AO is not going to wrongfully announce his arrest 10 days after the raids when shit hit the fan.
Ifi it took them 10 days after the raids and going through his stuff, why would they release it after that much time passed? If they got it wrong they would have kept it hush hush.

AO on dread also admitted there was a 2 day window where packs did not go out, but no explaination. Here’s one - because he was in custody. Why are people thinking that their packs arriving means no run in with the law? Like hello - of course youre going to receive a packagfe he send 4 days before getting picked up. Its the mail everyone gets things at different times.

AO I am Not buying it, getting tired of hearing about it and more sick of seeing the same desperate posts. LET IT GO. Personally I would never order from a vendor again, busted or not if they kept using the samddumbest shit ever

boogahpicka

Wed, Feb 26, 2020

Please explain exactly how it is an opsec fail because it really isn't.

Why arent my comments posting

Wed, Feb 26, 2020

AO is trying to keep this shit going because IMO hes thinking surely a defense can be used that the arrested person couldnt be him because the account continued uninterrupted. I am confident that AO thinks this will create enough doubt to walk on the charges. Lets be realistic here its canada he will likely not be in jail at worst house arrest. Maybe a couple day interruption. AO said on dread he sent packs every day but a couple in the time between the 3rd and the announcement but didnt explain why. Its the mail going all over the place, there would be no break in packs received unless he was away for like a month. Like its the mail people everyones packs every where are going to land at different times. Factor in the DDOS delays, buyers forgetting, old orders etc. The reasoning "I received my pack" and "still getting feedback?" proves nothing. The RCMP had a task force investigating him for a year, and they announced the name 10 days after the raids. If they were wrong why would they alert the entire community to how closely it was being scrutinized. What sensible human on the darknet would try so desperately to hang onto a moniker scrawled across RCMP radar enough to be announced to the world otherwise? The only situation where keeping the name going is not a gigantic target and red flag is if that is the ticket to your apparent innocence. All the defense needs to to is pull all these foolish and oblivious comments about uninterrupted service to try and suggest the doubt, and its all public forum. That is the only reason I can think of that any sensible human would throw all opsec out the window and not fuck the moniker off. He is desperate to remain free. Obviously. None of these things prove it wasnt him. The fact that you wrote this article proves why AO thinks this tactic is going to work to prove his innocence in court and im surprised at the connections you are drawing at his suggestion that ignore the plain reality of the situation.

DNL

In reply to Why arent my comments posting

I wrote that I believed he was still in control of his account. I personally would not touch him after this. I also do not think the information in the article actually makes AO look any better. Interacting with AO would be no different than interacting with a vendor on the NCIDETF’s list of identified vendors, in my opinion

Seriously

Wed, Feb 26, 2020

Wow like let the moniker die and verify new accounts with your old PGP we are all tired of hearing your desperate attempts to keep the gigantic target of a moniker. People who continue to order from him are just as foolish.

Frosty

Wed, Feb 26, 2020

I dont know never used bcPremo or whatever so i aint going to comment on that. but on alwaysovernight he has been my main and ONLY meth vendor for att least 6 months so i will say this: the messages from him still sound/look like the old ones (correct grammar, punctuation, etc), the product is still the exact same that he was shipping pre-"bust", packaging and stealth is the EXACT same. shipping area is the same general area, cant comment on addresses or anything cuz i never paid attention to any of that shit. ppl should always do their own verifications for max opsec but in my opinion i do not believe AOs operation is under the control of law enforcement or anyone different than whoever was operating it for the second half of 2019

Frosty g

Wed, Feb 26, 2020

Selling fent is a no go. Heroin laced fent and calling it heroin. Vendors like these types do deserve to get caught.

dwlove

Wed, Feb 26, 2020

Impressive detective work, your a G

why?

Wed, Feb 26, 2020

he has like a level 6 or 7 trust rating. you just dont walk away from that shit. thats an investment that is. what you'd call a fungible good. Meaning the AO name has real value.

Thatswhy

Wed, Feb 26, 2020

He has like a level 5 or 6 freedom experience right now though. If he wants to keep it that way he'll drop that investment.

frosty the snowman

Wed, Feb 26, 2020

lol silkroad and AO are not the same people, silkroad is from east coast and AO is from west coast.

rcmpblunders

Wed, Feb 26, 2020

Seems like a bunch of miscommunication between RCMP members, and higher ups, or possibly a fabricated bust.

Seems like a convoluted mess that was only made worse by releasing information that should not have been released, or released at the incorrect time. I would also vouch that the RCMP possibly fabricated aspects to this story, in order to receive more federal funding. Recently ( the past 40 days ) it was announced a healthy portion of Canadian’s tax dollars would be used to fund an anti-crime/drug task force that solely operates in BC.

I can see this entire story and or large portions being fabricated by the RCMP to receive more funding, or some financial benefit from the federal government. They truly are disgraces who can’t even arrest child rapists, murderers etc. What better way to look like the cowboy and get your detachment more funding.

abomb

Thu, Feb 27, 2020

its a real shame AO was a great vender im sure he will rebuild i know he aint busted cause he shipped an order on the 14th to me

Chill

Thu, Feb 27, 2020

User silkroad is a selective scammer and makes up bullshit responses to negative feedback instead of resolving issues

Ao and bcprem0 have great customer service

frosty

Thu, Feb 27, 2020

i made an order from bcprem0 3 months ago and it never arrived, he kept saying he shipped it and it never arrived, i left him negative feedback and my order arrived a week later. I got an order from AO the same week and they had different shipping styles, and the heroin was much different.

strangely enough i got a msg from BCprem0 around the beginning of the month that was basically saying he had a sale and it had been awhile since i ordered.

team cn

Thu, Mar 5, 2020

who gives a shittttttttttttttttttttt

Comment Submitted. Unless flagged for manual review, your comment should show up in about one minute.

Close

Comment Error. If you filled the fields out correctly, feel free to shoot us an email.

Close