Update: Dread Downtime and Upgrades

~3 min read | Published on 2019-09-24, tagged Dread using 747 words.

Dread, the top darkweb forum, has been offline for days, leaving users wondering about the future of the site and the status of the forum’s admin. After several days of silence, the admin—HugBunter—added a notice to the Dread landing page about the downtime and a number of updates to the platform.Dread Downtime
Although Dread went down several times in June and July this year as a result of a series of denial of service attacks, the forum stayed online for the majority of the month of August and the beginning of September. Downtimes usually lasted less than a day. And almost every time Dread went down, HugBunter would post a message to the subreddit created for letting users know about downtimes and maintenance. It briefly went down on September 14 and again on September 18. HugBunter notified users of the downtimes and brought the site back online within a few hours of the /r/DreadAlert posts.

A Screenshot of /r/DreadAlert Posts

Not long after HugBunter had brought Dread up on September 18, the site became inaccessible to users and has remained inaccessible for a number of days. As of publication, Dread has been down for six days (using a Tweet from DarkDotFail as a reference point). We finally know something about the downtime; HugBunter updated the generic “Down for Maintenance” page with a signed message that explained the purpose of the downtime and served as a proof of life.

DarkDotFail's Tweet About the Downtime

Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.

The Updated Dowtime Message on Dread

The message highlights stability in the context of the recent influx of Dread users. A record number of users have subscribed to the Dread subdread (similar to a default subreddit). In the most recent /r/DreadAlert post, HugBunter also mentioned that he was dealing with a “scalability issue.” He is likely dealing with the same issue right now.

The September 18 Downtime Post on DreadAlert

Dread is an increasingly popular spot for phishers to spread fake links to Empire Market and DarkDotFail. The influx of new users has only increased the number of targets for these phishers and encouraged them to increase the scale of their own operations. Almost every post on the Empire Market subdread had at least one comment with links to fake versions of Empire Market or DarkDotFail. The same comments spread to other popular subdreads as well.

Spammers have also scaled their operations to match the Dread user-base. Accounts similar to bot accounts on Twitter have been posting nonsensical gibberish on any post about a hot topic on Dread, such as comments about Dread itself, various marketplaces, and even DarkDotFail. The posts—recognizable by anyone as obvious spam—usually promote one site and make absurd claims only convincing enough for the least intuitive tabloid editors. These spammers have been submitting a dozen or more of the same comments on some posts.

Similar Spam and Phishing Links on the DreadAlert Subreddit

The spam has been only a minor inconvenience to Dread users but has likely kept Dread mods fairly busy. The phishers have somehow continued to steal funds from the users of at least one market.
HugBunter’s update to Dread will likely deal with both the rampant phishing and annoying spam comments in addition to the scalablity issues mentioned in the update as well as the most recent /r/DreadAlert post.
The signature is valid. HugBunter’s key is available here (darknetlive) or here (DarkDotFail).
This post will be updated once Dread comes back online.
The Signed Message -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512Working on a huge update to provide increased stability as the platform grows further and will reduce a whole lot of spam and phishing. The update includes a variety of bug fixes and new features and should be ready to go live by this evening. I am extremely sorry for the downtime and lack of communication right now, this is the biggest update to the codebase that I will have performed and completely restructures everything behind the scenes. Thank you for your continued patience.-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAl2IpgkACgkQ6GEFEPmm6SKAzQ//bHDUegdtInNBWtDhIKTl9BizmCFC6L555YAdk73nq6FbcMx8WRXmFtvnv48yaxz6MdK2rbMKTIuLwZJH7ytvBIthpOwAJUmaOdnB9fTbyxjXkYym8VxceRVSvZVhYB21BUVICec01x5gJGIFzLUaVpPvdlyrg6oBjppeYxqfQPe8oQT47h3ugGyw/Dh/8UT4dib09U5FYjExzK5JQYZxroFiknSiDkoUC5a+Rr77xD7Sr9gmkWACeU3rfrVn0JA0oPmGBOLLbYRh+ejQHISec9jk5D5Orq3lQVjNBAaCK2CsBKZbsC3wrIv3kdfFeHvwkQzk7cjjR5saHJRYGVXRysNPIjRHCE9jX4IiuBxgTLYOvntHOEsa76WKv53T6mUzd8ceLwlC0ITgMQHnBxA1kmOKyrxm8yM8ufyy2zqkUPVFSZo6LLUr0xTJwxfb0oTkdsjfPgSJK1K+kJARq7ImBch9vd/fimNBFnFmaYcJD7YLJ9RJYQnYA2Dm5QTaTZhdv/aD261OHvtIWMOQSsl/S7bhxZx9z41x1+t+/riz0SYpB/WXDF1LxzhWa1ewX+BixAwciiSKueg35t07qe2ImFLZO98H9Xs4UNKhZNV8By4hLoiJStjNIdKgG/qggxpaoE7ltR6RmMC3ImJ/a9PwaJxWgZfRLg1h682tNK5NxW8==2R+j-----END PGP SIGNATURE-----
HugBunter’s PGP Key -----BEGIN PGP PUBLIC KEY BLOCK-----mQINBFnJVGQBEAC8qfs1mLpDahTWBqKoj8rlwpaEXj8P0n0aOvmyBi9ZPArghGq18Smf03RAWPmMfueTQ8y2uxX3AwbOzmmgdT8cLSqTbmSWHAMRvyY+j2psYO8taqr8qQY+AJORJxflHOR1hL2IB+TwrqovbQO1p2y4MQZc6xBWjCSHWG98TsPtorYD84ZDT+34SYqVgzu6Q0nVtew9SM5rk/vpU5boFpRq2/RP6sxNgWDt5qrdlDQdbUCv9Vv7OQM0KvOzfwusWxwDTuW1hsrzgFJ3k6Gh2nBzk/MNbO1ZagsnjWGXRTFVBpPfAasn9vYwCE2L+iiYTrvy42aqj+mUy5PyhXQP2UNTvQLx1nU0Ql2TXSZjjv5rSK6Do+6/Idy+xjYBQC0Tx2e9WMSCZWpQJJWyHsOdiQSVDe2UT9AnRCEpnUWckiVDFRFDgYaV5/lR+oA3hbjmHLadVNgDOKhkdV4GFXuJ/w7ICTBWbZAAPj+E8NcBLwYjc5gg13b2f53sM4P8j4cafluf6aptORF0drqWtRbYjVMmqKZ8LSWjqSjYi6PzO2jOAcOJeqW0hQQFxdh2PQ8mUixXjN3XNtOBw6ItuIB/eVobSrzw7Jr9sjTWS4g4b2XkPCEGJZg9dFt90uBAsw60m9SwIkAGKh/8uoauX48OfF6kQe+u+YUJwU3uiFQQyChsbQARAQABtC9IdWdCdW50ZXIgPGh1Z2J1bnRlckBqYWJiZXIuY2FseXhpbnN0aXR1dGUub3JnPokCTgQTAQoAOBYhBGEzrOH0uHxR2/P+pehhBRD5pukiBQJZyVRkAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEOhhBRD5puki//MP/A+VI5cHWr7TzqffXM8wGLSJXdeJ664+003IVOuoxK3mgSPrZQ35fkY77MSHXt3BqrZrL3DeG5L3p5ZA00U3+yX+OZP2S1FchaPUx1YwsUo+k49eLXrqmlw3KUwKOLeiB+UrOPrQpCwQWtp2WV5Ar5SlwUBAQtdtzWgc3jezr7YnpnBy2l5E0UU4RWYo1ZpPbufxSnuWL6+VV3SJs7LsTSOP4dZ723/7saQH5Tt0+WTlHRd2LOuFYUMYcSizC6vD+78YDmvRFsjnKUMfknU52gRfzz33TQd9biXhbkcm3HS0fCU8Wg8sA7fOjFBg/NL8L1sO62xp1/h8M+R4isgZ4plhbCi5QBtR1cTpLWc/xy6PHUekd9LeGVK8rM3O5tFkYtOM4Nk8Jm/WBbxNn9sDIy45jUzeRBzjN0UzyGBdirF9v519arosjcRxjxiYPfqFk9H1SBWVBvYDbB/sfS+qhNiCXe2d3HyV6oH9m8iW8shAStuSEZd4bLTBkYSzPI1T+FW2S1038rqDs65LcojOyCnw9zfVR7DPZLZieizaDIn2uLlR9nDQVzpo3VVAJLiooHyUwC0H3oSs9hL5pSK9HPK65Ps5rloJy8KCBTO8DcdcNLa1v/dALXVEzDkoVkYdFR8V6yXvXN1PIZqXkf0bMWAGLbW/QvPBL6YzpivKKG49uQINBFnJVGQBEACW9ir6AbRxwsGu6ivOzBtqV8ohnzlhGnpPjdgGiYtvUrj+tosXJ/D1Jf5CQhLDxNeLvIGf3m/5xQvtzVxc7vXSPXhg+GAZBETji76i9ePwMwYLN0T6nTyVQ6FcpYqBl6WLRFCHZXLa/eUqvcvZFdr+a3BI1q6SZsbnnEqKjqUz1oWMRLIUlYLJfxsoeBg7c81lPH7Sy9goZ86kAk1BwvhLC5hICkR/pC9pg9/85YF3kG+lboGxLZHyu9FC84D4YqJB5Jljf8A3ISzxJdw8repSJb1k6lr7OdR7LDmEzEiJPN9Co+2TqH01yQUok8ezGVDwk1aU6IRnXp1ZHiyXMOJyX1T6+wbrEtJmfijX6o73m/U1RkS099kg5f/rxMORzIYMsWHxHBqJR56Gpdr7+DtapTRsrtaw1GXGa1LaZP6EVDYd9FAhDUQbYLxCWkJPAZKWgjA3tLPsMgpN0j/Vl5kkjvz+/L2L72Bu2L03TzxWw1DPA0+Ot3ST4SnLg7GDpIkWKR58S5TcUbGhR4rsRlBUQ6s2PQIfO6tAOLsaoW7m6mpu75dvtAu3PzMW7Z8i62aRbVb8H/eBlIqioXCGSnBnfJgmGHumH6tYRwnDFCLkXOVT0QPPAYsyxMR90ygDgxmbjMUyvlvZ3J7WYX6SGMrT+cGo/NK38PlJh13XxAjIXwARAQABiQI2BBgBCgAgFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAlnJVGQCGwwACgkQ6GEFEPmm6SJZVg/9FVp4TgXwu02tX2zBRXd08dQLwr4pWFijjKID+6oGlA3Ynu4sY9lz3Jl3FHe+Jg30WqO3BhFXDsdvtHHe6clK02811KqE2DhUAVgw5bWlwDzWg1p9p0zcpc2oszMcUD98moqYs8BPRLpJL8FY2HIwLgf1d6FWqfJWzqSeQLwnTk2TY8JdOIHiNQyGO3iVvDbTwNiSD4uX4ED275G608MOaS7Sy7ApZZ0cC75D/DpVJHX2xZax++x6ybG+MQTv9R4PX/T/tBBT58xtZAXPbml+K9VZ0glHkAVjFnRk+I4EhkT7677wVB97j6Mw+8dSiUVPsXqXViM9KJqRhzZ52bt4jugEBHT0voZgkFBbljvBJomPLo77H9tIkoG6EJpmLQoJy7D8CKhsa2KZsVRGTphYDIOj0GyjrBZVYJ+Ie2jUu3Zkf30WQxlSjr2FzTS2qlsbUEduJ6eOKO/FnhdswzSDQMu2DqIagp7bM4EIyG06P60FypcwiALCB8HdJyrV3Ih2X/AgZFUQ89pAfPI8+7+hvZd00ClGbWjYY6scPu6wWKYqBQVItpCREwAhDBvDNDdPq1jV8TMjU1D3tnSAf+IOibk6bZ09JHT72Xx0//iREagtyMr8gfBZxVfD/DBNUqTWWYkWWTTOpqspJvE/I7vV7AbUmiof+9k+iQYsg+3PfFo==FkeJ-----END PGP PUBLIC KEY BLOCK-----

Comments (11)


Something seems awful suspicious about this. Not trying to cause unnecessary panic, but odd behavior for Hug. Is it possible that LE was causing the issues while watching him to make sure he was logged in to everything so they could nab him. Now LE would have his PGP and everything else. Take them a few days to figure out what they have exactly and how to use it. Just saying, its not like HUG to not give an update for days at a time.


weird first hugbunter fails to update the canary then rumors about witchman05 being arrested arrested now dread is down? what is happening people? this is too weird to be a coincidence


Nothing suspicious. The site was flooded with thousands of posts by the darknetstats folks and it was literally unusable. They were creating hundreds of accounts by the hour to flood their shitposts. Pretty sure HB is making changes to fix whatever issue they exploited to make all those accounts.


Some moderators are gone and all this is very strange I'm keeping away from them until I trust again

me from here2019-09-25

all hail dread


blah blah blah come to my bla bla bla im so bored i need dread back up i dont know what to do been walking in circles waitnig for the re opening hug you owe me some coke ;)


Too many pishers and exploiters he's alone (possibily) I hope he gets the help he needs


What is going on?

is Hug Gone2019-09-27



I hate to be bearer of bad news but Hug has been detained. News of this will be released either this weekend or early next week. Unfortunately LE gained access to some of the resources. I say detained because his arrest isn't official and he may be cooperating. I have little details as of now but unfortunately he had an opsec leak that was exploited. I do not know the full nature of this opsec leak but it was enough for LE to gain compromising and identifying information. I know this will be met with skepticism but I wanted to beat LE's attempts at relaunching Dread with some critical zero day exploits to grab low hanging fruit. If you have a shop with hugbunter you better be sure you know how to handle bitcoin. He never did release XMR for whatever reason but consider all vendor wallets, the xpub at least, to be compromised. LE won't be able to take coins but they have full history of vendor wallets of each shop. Be careful.


@BearerOfBadNews - Funny how you mention Hug and the vendor shops he made along with not releasing XMR, were you not complaining about this under the account Vendy_McVendFace a few weeks back? I find that to be a great coincidence.