Nightmare Market Breach Follows Potential Exit Scam


Exit Scam: It has been just more than a week ago that the Bitcoin transactions have ceased on the well-known darknet market, Nightmare Market. The market staff had reassured the users that all the issues will be fixed within just 24 hours. With this declaration, shortly after that, everything started to work fine. What people are unaware of is the behind scene of this. A hacker meanwhile has almost emptied the Bitcoin wallets of the marketplace while forcing the market to use recent deposits to pay for the older withdrawals giving an idea of exit scam. The Nightmare Market has nosedived towards bankruptcy. Following are the Nightmare Market Statement and Updates.

On the 23rd of July, a user from the Dread darknet forum had posted a thread titled “I think you got hacked”. All throughout the day, the dark web vendors started reporting that they had lost all the access to their accounts. There were several threads that came in having titles “We got hacked. DO NOT ORDER” and “HACKED DO NOT ORDER OFF NIGHTMARE” and has flooded the front page of the Nightmare Market subdread. The person who has claimed to have hacked the vendor accounts through the account name “ithinkyougothacked” has posted lists of the first and last words of a vendor’s mnemonic. Some vendors have confirmed a match between the words posted by the alleged hacker and as well as the 14 words they had saved during the creation of the account. Provided below is an exchange between two vendors and the hacker with the pseudonym “ithinkyougothacked”. The very first comment has disputed the claim that the market had categorically locked the vendors out of their accounts.

Image Source:

Image Source:

The dark web markets are targeted by the disinformation campaigns on a regular basis and allegedly sponsored by rival marketplaces. (The existence of sponsored disinformation campaigns is disputed although.) Users frequently claim that a market is performing exit scam when the market is actually working as well as can be expected. So the claims from ‘ithinkyougothacked’ were met successfully with a healthy amount of skepticism. Witchman05, who is a moderator of the darknet markets subdread has added his thoughts in a comment on Dread as stated below:

Image Source:

Several vendors have since confirmed that the entity behind the hacks had successfully locked them out of the accounts as well. The vendors had nothing in common and no reason to conspire against Nightmare Market whatsoever. One vendor who posted about the hack on Dread had questionable motives, according to other users of the Dread forum. Those motives really had nothing to do with an anti Nightmare Market conspiracy. The following vendors are some who has confirmed the hacker and has identified their mnemonic and/or locked their accounts:

  • /u/MrPBateman
  • /u/muttz
  • /u/DoktorSommer
  • /u/PleasureIsland-UK
  • /u/Vendy_McVendface
  • /u/OZDrugs
  • /u/NamasteLSD
  • /u/Gfellas

A news outlet had reached out to ithinkyougothacked to receive proof whether they had compromised the Nightmare Market. In an encrypted email conversation on the same, this author provided the hacker with the username of a fresh Nightmare Market account. Within a couple of minutes, the hacker responded with proof that they had access to—at the very minimum—a support panel. The hacker also had upgraded the unused account from a buyer account to a vendor account in no time. The upgrade required no bond as well. This made it clear that the hacker had either access to the Nightmare Market database or access to the support (or admin) panel and a staff member’s credentials. This fits the hacker’s claim that he had reset a mod’s mnemonic to access the support panel of Nightmare Market. Below are two screenshots of Nightmare Market containing a major difference:

Image Source:

The staff members of the Nightmare Marketplace often take care of the market issues such as the low-level disputes, issuing the refunds and ticket escalation through an interface unavailable to the general public. The most current example of support panel misuse has occurred during the Wall Street Market takedown. A staff member of the Wall Street Market has shared his credentials with the Hugbunter after the admins had performed an exit scam. Following this, in an unexpected move, a different member of the Wall Street Market’s staff had publicly shared his account details along with the IP address of the Wall Street Market backend on Dread.

Image Source:

The Complete Dread Conversation is here.

Source: DarknetLive

Disclaimer: does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.

Tags: #.onion_Links #Dark_net_Links # Dark_net_Sites_Links #.onion_Hidden_Links #Hidden_Wiki


  1. Send some Dash to Nightmare market that never arrived in the account. No help from support. And then I had to dispute a transaction because delivery did not arrive. The dispute has been in limbo since July (no one has attended the dispute). Beware of this Market.


Please enter your comment!
Please enter your name here