Update: Dread Downtime and Upgrades

Dread, the top darkweb forum, has been offline for days, leaving users wondering about the future of the site and the status of the forum's admin. After several days of silence, the admin—HugBunter—added a notice to the Dread landing page about the downtime and a number of updates to the platform.

Dread Downtime

Although Dread went down several times in June and July this year as a result of a series of denial of service attacks, the forum stayed online for the majority of the month of August and the beginning of September. Downtimes usually lasted less than a day. And almost every time Dread went down, HugBunter would post a message to the subreddit created for letting users know about downtimes and maintenance. It briefly went down on September 14 and again on September 18. HugBunter notified users of the downtimes and brought the site back online within a few hours of the /r/DreadAlert posts.

A Screenshot of /r/DreadAlert Posts

A Screenshot of /r/DreadAlert Posts

Not long after HugBunter had brought Dread up on September 18, the site became inaccessible to users and has remained inaccessible for a number of days. As of publication, Dread has been down for six days (using a Tweet from DarkDotFail as a reference point). We finally know something about the downtime; HugBunter updated the generic “Down for Maintenance” page with a signed message that explained the purpose of the downtime and served as a proof of life.

DarkDotFail's Tweet About the Downtime

DarkDotFail's Tweet About the Downtime

Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.

The Updated Dowtime Message on Dread

The Updated Dowtime Message on Dread

The message highlights stability in the context of the recent influx of Dread users. A record number of users have subscribed to the Dread subdread (similar to a default subreddit). In the most recent /r/DreadAlert post, HugBunter also mentioned that he was dealing with a “scalability issue.” He is likely dealing with the same issue right now.

The September 18 Downtime Post on DreadAlert

The September 18 Downtime Post on DreadAlert

Dread is an increasingly popular spot for phishers to spread fake links to Empire Market and DarkDotFail. The influx of new users has only increased the number of targets for these phishers and encouraged them to increase the scale of their own operations. Almost every post on the Empire Market subdread had at least one comment with links to fake versions of Empire Market or DarkDotFail. The same comments spread to other popular subdreads as well.

Spammers have also scaled their operations to match the Dread user-base. Accounts similar to bot accounts on Twitter have been posting nonsensical gibberish on any post about a hot topic on Dread, such as comments about Dread itself, various marketplaces, and even DarkDotFail. The posts—recognizable by anyone as obvious spam—usually promote one site and make absurd claims only convincing enough for the least intuitive tabloid editors. These spammers have been submitting a dozen or more of the same comments on some posts.

Similar Spam and Phishing Links on the DreadAlert Subreddit

Similar Spam and Phishing Links on the DreadAlert Subreddit

The spam has been only a minor inconvenience to Dread users but has likely kept Dread mods fairly busy. The phishers have somehow continued to steal funds from the users of at least one market.

HugBunter's update to Dread will likely deal with both the rampant phishing and annoying spam comments in addition to the scalablity issues mentioned in the update as well as the most recent /r/DreadAlert post.

The signature is valid. HugBunter's key is available here (darknetlive) or here (DarkDotFail).

This post will be updated once Dread comes back online.

The Signed Message

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAl2IpgkACgkQ6GEFEPmm
6SKAzQ//bHDUegdtInNBWtDhIKTl9BizmCFC6L555YAdk73nq6FbcMx8WRXmFtvn
v48yaxz6MdK2rbMKTIuLwZJH7ytvBIthpOwAJUmaOdnB9fTbyxjXkYym8VxceRVS
vZVhYB21BUVICec01x5gJGIFzLUaVpPvdlyrg6oBjppeYxqfQPe8oQT47h3ugGyw
/Dh/8UT4dib09U5FYjExzK5JQYZxroFiknSiDkoUC5a+Rr77xD7Sr9gmkWACeU3r
frVn0JA0oPmGBOLLbYRh+ejQHISec9jk5D5Orq3lQVjNBAaCK2CsBKZbsC3wrIv3
kdfFeHvwkQzk7cjjR5saHJRYGVXRysNPIjRHCE9jX4IiuBxgTLYOvntHOEsa76WK
v53T6mUzd8ceLwlC0ITgMQHnBxA1kmOKyrxm8yM8ufyy2zqkUPVFSZo6LLUr0xTJ
wxfb0oTkdsjfPgSJK1K+kJARq7ImBch9vd/fimNBFnFmaYcJD7YLJ9RJYQnYA2Dm
5QTaTZhdv/aD261OHvtIWMOQSsl/S7bhxZx9z41x1+t+/riz0SYpB/WXDF1LxzhW
a1ewX+BixAwciiSKueg35t07qe2ImFLZO98H9Xs4UNKhZNV8By4hLoiJStjNIdKg
G/qggxpaoE7ltR6RmMC3ImJ/a9PwaJxWgZfRLg1h682tNK5NxW8=
=2R+j
-----END PGP SIGNATURE-----

HugBunter's PGP Key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFnJVGQBEAC8qfs1mLpDahTWBqKoj8rlwpaEXj8P0n0aOvmyBi9ZPArghGq1
8Smf03RAWPmMfueTQ8y2uxX3AwbOzmmgdT8cLSqTbmSWHAMRvyY+j2psYO8taqr8
qQY+AJORJxflHOR1hL2IB+TwrqovbQO1p2y4MQZc6xBWjCSHWG98TsPtorYD84ZD
T+34SYqVgzu6Q0nVtew9SM5rk/vpU5boFpRq2/RP6sxNgWDt5qrdlDQdbUCv9Vv7
OQM0KvOzfwusWxwDTuW1hsrzgFJ3k6Gh2nBzk/MNbO1ZagsnjWGXRTFVBpPfAasn
9vYwCE2L+iiYTrvy42aqj+mUy5PyhXQP2UNTvQLx1nU0Ql2TXSZjjv5rSK6Do+6/
Idy+xjYBQC0Tx2e9WMSCZWpQJJWyHsOdiQSVDe2UT9AnRCEpnUWckiVDFRFDgYaV
5/lR+oA3hbjmHLadVNgDOKhkdV4GFXuJ/w7ICTBWbZAAPj+E8NcBLwYjc5gg13b2
f53sM4P8j4cafluf6aptORF0drqWtRbYjVMmqKZ8LSWjqSjYi6PzO2jOAcOJeqW0
hQQFxdh2PQ8mUixXjN3XNtOBw6ItuIB/eVobSrzw7Jr9sjTWS4g4b2XkPCEGJZg9
dFt90uBAsw60m9SwIkAGKh/8uoauX48OfF6kQe+u+YUJwU3uiFQQyChsbQARAQAB
tC9IdWdCdW50ZXIgPGh1Z2J1bnRlckBqYWJiZXIuY2FseXhpbnN0aXR1dGUub3Jn
PokCTgQTAQoAOBYhBGEzrOH0uHxR2/P+pehhBRD5pukiBQJZyVRkAhsDBQsJCAcD
BRUKCQgLBRYCAwEAAh4BAheAAAoJEOhhBRD5puki//MP/A+VI5cHWr7TzqffXM8w
GLSJXdeJ664+003IVOuoxK3mgSPrZQ35fkY77MSHXt3BqrZrL3DeG5L3p5ZA00U3
+yX+OZP2S1FchaPUx1YwsUo+k49eLXrqmlw3KUwKOLeiB+UrOPrQpCwQWtp2WV5A
r5SlwUBAQtdtzWgc3jezr7YnpnBy2l5E0UU4RWYo1ZpPbufxSnuWL6+VV3SJs7Ls
TSOP4dZ723/7saQH5Tt0+WTlHRd2LOuFYUMYcSizC6vD+78YDmvRFsjnKUMfknU5
2gRfzz33TQd9biXhbkcm3HS0fCU8Wg8sA7fOjFBg/NL8L1sO62xp1/h8M+R4isgZ
4plhbCi5QBtR1cTpLWc/xy6PHUekd9LeGVK8rM3O5tFkYtOM4Nk8Jm/WBbxNn9sD
Iy45jUzeRBzjN0UzyGBdirF9v519arosjcRxjxiYPfqFk9H1SBWVBvYDbB/sfS+q
hNiCXe2d3HyV6oH9m8iW8shAStuSEZd4bLTBkYSzPI1T+FW2S1038rqDs65LcojO
yCnw9zfVR7DPZLZieizaDIn2uLlR9nDQVzpo3VVAJLiooHyUwC0H3oSs9hL5pSK9
HPK65Ps5rloJy8KCBTO8DcdcNLa1v/dALXVEzDkoVkYdFR8V6yXvXN1PIZqXkf0b
MWAGLbW/QvPBL6YzpivKKG49uQINBFnJVGQBEACW9ir6AbRxwsGu6ivOzBtqV8oh
nzlhGnpPjdgGiYtvUrj+tosXJ/D1Jf5CQhLDxNeLvIGf3m/5xQvtzVxc7vXSPXhg
+GAZBETji76i9ePwMwYLN0T6nTyVQ6FcpYqBl6WLRFCHZXLa/eUqvcvZFdr+a3BI
1q6SZsbnnEqKjqUz1oWMRLIUlYLJfxsoeBg7c81lPH7Sy9goZ86kAk1BwvhLC5hI
CkR/pC9pg9/85YF3kG+lboGxLZHyu9FC84D4YqJB5Jljf8A3ISzxJdw8repSJb1k
6lr7OdR7LDmEzEiJPN9Co+2TqH01yQUok8ezGVDwk1aU6IRnXp1ZHiyXMOJyX1T6
+wbrEtJmfijX6o73m/U1RkS099kg5f/rxMORzIYMsWHxHBqJR56Gpdr7+DtapTRs
rtaw1GXGa1LaZP6EVDYd9FAhDUQbYLxCWkJPAZKWgjA3tLPsMgpN0j/Vl5kkjvz+
/L2L72Bu2L03TzxWw1DPA0+Ot3ST4SnLg7GDpIkWKR58S5TcUbGhR4rsRlBUQ6s2
PQIfO6tAOLsaoW7m6mpu75dvtAu3PzMW7Z8i62aRbVb8H/eBlIqioXCGSnBnfJgm
GHumH6tYRwnDFCLkXOVT0QPPAYsyxMR90ygDgxmbjMUyvlvZ3J7WYX6SGMrT+cGo
/NK38PlJh13XxAjIXwARAQABiQI2BBgBCgAgFiEEYTOs4fS4fFHb8/6l6GEFEPmm
6SIFAlnJVGQCGwwACgkQ6GEFEPmm6SJZVg/9FVp4TgXwu02tX2zBRXd08dQLwr4p
WFijjKID+6oGlA3Ynu4sY9lz3Jl3FHe+Jg30WqO3BhFXDsdvtHHe6clK02811KqE
2DhUAVgw5bWlwDzWg1p9p0zcpc2oszMcUD98moqYs8BPRLpJL8FY2HIwLgf1d6FW
qfJWzqSeQLwnTk2TY8JdOIHiNQyGO3iVvDbTwNiSD4uX4ED275G608MOaS7Sy7Ap
ZZ0cC75D/DpVJHX2xZax++x6ybG+MQTv9R4PX/T/tBBT58xtZAXPbml+K9VZ0glH
kAVjFnRk+I4EhkT7677wVB97j6Mw+8dSiUVPsXqXViM9KJqRhzZ52bt4jugEBHT0
voZgkFBbljvBJomPLo77H9tIkoG6EJpmLQoJy7D8CKhsa2KZsVRGTphYDIOj0Gyj
rBZVYJ+Ie2jUu3Zkf30WQxlSjr2FzTS2qlsbUEduJ6eOKO/FnhdswzSDQMu2DqIa
gp7bM4EIyG06P60FypcwiALCB8HdJyrV3Ih2X/AgZFUQ89pAfPI8+7+hvZd00ClG
bWjYY6scPu6wWKYqBQVItpCREwAhDBvDNDdPq1jV8TMjU1D3tnSAf+IOibk6bZ09
JHT72Xx0//iREagtyMr8gfBZxVfD/DBNUqTWWYkWWTTOpqspJvE/I7vV7AbUmiof
+9k+iQYsg+3PfFo=
=FkeJ
-----END PGP PUBLIC KEY BLOCK-----

Nunya

Something seems awful suspicious about this. Not trying to cause unnecessary panic, but odd behavior for Hug. Is it possible that LE was causing the issues while watching him to make sure he was logged in to everything so they could nab him. Now LE would have his PGP and everything else. Take them a few days to figure out what they have exactly and how to use it.

Just saying, its not like HUG to not give an update for days at a time.

this

weird first hugbunter fails to update the canary then rumors about witchman05 being arrested arrested now dread is down? what is happening people? this is too weird to be a coincidence

delta

Nothing suspicious. The site was flooded with thousands of posts by the darknetstats folks and it was literally unusable. They were creating hundreds of accounts by the hour to flood their shitposts. Pretty sure HB is making changes to fix whatever issue they exploited to make all those accounts.

Jah

Some moderators are gone and all this is very strange I'm keeping away from them until I trust again

johnnytalksalot

blah blah blah come to my bla bla bla im so bored i need dread back up i dont know what to do been walking in circles waitnig for the re opening hug you owe me some coke ;)

grid

Too many pishers and exploiters he's alone (possibily) I hope he gets the help he needs

RicoW88

Hug was being questioned by LE, he's a tx69 rat

Barry

He should at least update the message with a more current status. Should be ready this evening, clearly he got that wrong or something has happened to him

The One

Hug is the feds. Dread has been a honey trap since it was launched.

S.dot

Sam Sara market is saying down I just loaded money yesterday and placed a order I hope the site get back up

The main problem with Hugbunter is

The feds are looking for him just as hard as a market admin. He supplies vendor stores and runs Dread the feds charge him under the rico act.

LoL

What is going on?

BearerOfBadNews

I hate to be bearer of bad news but Hug has been detained. News of this will be released either this weekend or early next week. Unfortunately LE gained access to some of the resources. I say detained because his arrest isn't official and he may be cooperating. I have little details as of now but unfortunately he had an opsec leak that was exploited. I do not know the full nature of this opsec leak but it was enough for LE to gain compromising and identifying information. I know this will be met with skepticism but I wanted to beat LE's attempts at relaunching Dread with some critical zero day exploits to grab low hanging fruit. If you have a shop with hugbunter you better be sure you know how to handle bitcoin. He never did release XMR for whatever reason but consider all vendor wallets, the xpub at least, to be compromised. LE won't be able to take coins but they have full history of vendor wallets of each shop. Be careful.

Dingbat

@BearerOfBadNews - Funny how you mention Hug and the vendor shops he made along with not releasing XMR, were you not complaining about this under the account Vendy_McVendFace a few weeks back? I find that to be a great coincidence.

Comments Closed