I was reading the limited article out there regarding the bust of OxyMonster. Here are some thoughts/concerns/confusion. If the article and LE are to be believed, OxyMonster was betrayed due to BTC analysis and LE somehow became aware of a reused BTC address that eventually linked to his LBC account. I can only assume that the BTC address referenced is one that was used to accept withdrawals from Dream. The following is a lot of speculation/options but these I believe are very good questions we should be asking in analyzing what the fuck is going on.
In August, agents learned that "OxyMonster" was using a certain bitcoin address for the sales transactions. They soon analyzed incoming and outgoing transactions from that bitcoin address and discovered that most of them went to Vallerius on Localbitcoins.com.
Has anyone wondered how this was made possible? If this is true, this implies that Dream is infiltrated at the server level at least, right? If LE was performing controlled buys, how would it be possible that LE could do bitcoin analysis? Dream is definitely big enough that vendor withdrawals shouldn't be able to be linked to a purchase. The chain would have been broken between the buyer deposit (LE controlled buy) and the vendor withdrawal. Can anyone else figure how this would be possible without LE having server access? It's not enough to just know the hot wallets. They had to have insider information to know that OxyMonster withdrawals went to that particular BTC address.
was using a certain bitcoin address
Seriously?? Does this imply that OxyMonster was reusing the same Bitcoin address for withdrawals? I'm not a vendor so I don't know how withdrawals work on Dream. Do vendors specify a single BTC address on their vending account and then all withdrawals go there? If so, that is a shitty system. BTC addresses should NEVER be re-used. Ever. And it's for this reason. However, if LE had servers compromised, it's a moot point.
If LE didn't compromise servers, does that imply vendor was hacked?
We have seen a BUNCH of vendor accounts hacked lately. LE would be able to get transaction history with hacked vending account. The question is - is this how they are doing this? By hacking vendor accounts, they get what they need to bust a vendor and it does not require LE have server access. This would be sobering. Are hacked vendor accounts then a part of a large LE operation to bust vendors and not just hackerz for lulz? Perhaps this is why? The other question is, I would assume OxyMonster would have 2FA. Did he get phished somehow via a sophisticated phishing site that would "forward" the PGP to be decrypted? One thing though is that it seems like vendors who have been hacked also had their PGP changed to enable future logins since hackers would be doing it for coin and not to arrest a vendor. LE would not want to do it this way. So does this imply that Dream's auth mechanism is fundamentally flawed? Vendors get phished. But would a sr. moderator (and potential admin) be that gullible? I'm torn on this being likely. Perhaps LE wouldn't care about future access to the account (like a hacker would who wants to steal) and thus if they phished him once, they get one time access and they see the withdrawal address and that's all they need.
An alternative to the way BTC was discovered
It is also possible, but I think unlikely, that LE worked the other way. They went from his LBC account for some reason and worked their way back and found a connection between his LBC account and Dream hot wallet. I'm thinking it's unlikely because he wasn't American as far as I know. If he was American, it might make sense that the IRS could look into an LBC account to ensure taxes were paid. But since he wasn't, I don't see why US LE and IRS would be involved unless they were investigating it from a drug angle from the start. I just don't think LE worked from LBC back. They worked from Dream and linked his LBC. This would also imply that he didn't tumble or that tumbling is absolutely worthless.
I'll post more confusion points I've had with this. There are some potentially wide reaching implications. Perhaps it's as simple as he got phished but my original thought was "LE is inside Dream" and they have access to the servers and it's just busting guys at this point.
If LE had server access, why wait? What of the luckyduckquack who claimed that Dream would go down August 20?
luckyduckquack was that guy who predicted the Hansa takedown if I recall correctly. He also predicted Dream would be taken over Aug 20. That date came and went. Perhaps he wasn't fully incorrect. LE would have known at some point that Oxy was heading to get his beard judged in Austin, Tx. This would be enough for LE to want to wait to make any move until he was nabbed. This is due to my understanding that France will not extradite their citizens to the US and this could have played a role in LE waiting until he landed in Atlanta. So it's possible luckyduck was right but the timeline was skewed so they could nab this guy.
Is this related to the bitcoin wallet and coin loss and other weird bugs/issues/problems at dream?
To sum up, does the fact that Dream has had a lot of bad issues since this guy's arrest relate to OxyMonster's arrest? If so, then it seems pretty damning evidence that OxyMonster is more than just a Forum Moderator and is an admin or LE were able to locate servers/gain server access and LE has caused the issues. This might imply LE didn't have server access before b/c why would the arrest change how things are being run on Dream if they had it compromised before. But then, it begs the first question - how did they find OxyMonster's BTC address in the first place? Or perhaps they did have servers compromised before, the arrest of OxyMonster is just changing the nature of the operation now. Before, they were quiet and doing nothing and with OxyMonster's arrest, they are now entering another phase.
All speculation but I think these are fair questions I wanted to pose to you guys.
OxyMonster has a BTC address on his Dream Market profile... claiming it's a Dream Market staff tip jar... could it have been his on the sly?