A user alerted us about several dream vendors that have listed the PGP key of the Dutch National Police [DNP] on their profile on Dream market.
In the following the list of vendors that listed the DNP key when I checked it:
00DRGREEN00
BoulderMedical
cannab1z
cocaMG
dutchcandyshop
GlazzyEyez
Gridlockdope
guessguess
ibulk
iCoke
MarcoPolo420
mushroomgod
wolfydutch
DrPoseidon [see https://www.reddit.com/r/DarkNetMarkets/comments/6pa47l/many_dream_vendors_compromised/dlx2w1m/ ]
Note that they do not appear on the DNP hidden service so they are probably fresh.
I do not know why they would put the DNP key in the vendor profiles, since a malicious key that at least looks like the real vendor's key would result in users falling for it. Maybe they already achieved that and now make the names of the compromised vendor accounts public by listing the DNP key.
The DNP stated that they seized vendor accounts on other markets with the data they gathered from running Hansa, maybe these vendors were the target of it. It appears that some of the listed vendors have the DNP key up for some time now but apparently new vendors [the ones in the list above] started listing it now too
The vendor
UKLadyBuds
has listed a weird PGP key which is not the DNP key but also does not resemble the vendor name at all. They key is also different from the one listed on grams. Plus he posted on reddit that he is locked out of his Dream account.
kingodua
has apparently also no access to his Dream account and his PGP key is changed to a different one, but the account is still taking orders.
The list will be updated as I check more vendors. Here the original post by /u/hugbitchesfuckmoney but it contained some vendors that had their usual key listed when I checked them.
What does that mean for me?
No vendor would willingly list the DNP key. Either the vendors are compromised [more likely] or the Dream admins, or maybe both. Regardless, if you have ordered from one of the listed vendors, clean your house now (remove everything illegal and suspicious) and research a lawyer**.
The vendors:
medicalzNL
rxchemist
turn up when searching for the DNP key on grams, i.e. entering the key on this page. However they have currently not listed the DNP key on their profile. This means that grams probably crawled them some time ago and they had the DNP key listed at that point. After-wards they changed it back.
I am not sure why law enforcement would do that, but the customers from these vendors should also proceed as explained above to be safe.
DrRelax
has a brand new PGP key created on July 20. If somebody has his old key, one could ask him to sign his new key and then verify the signature.
However thanks to /u/hugbitchesfuckmoney who posted publicly about the PGP key changes to warn fellow DNM users.
Great to know, it might be a good idea to keep an updated list of "compromised vendors" in the side bar, at least for a while. Being able to do a quick Ctrl+f to look for a vendor that you are about to use would be nice.
You'd think the DNP would at least try to be a bit sneakier about this. Glad they aren't though.