Home » Featured » TheRealDeal: This Long-Dead Market Was Just Relaunched!
Click Here To Hide Tor

TheRealDeal: This Long-Dead Market Was Just Relaunched!

Just when you think you’ve seen everything, the darknet scene surprises you again, this time its our old acquaintance from the TheRealDeal market who decided to put his market back online again. For those of you who don’t know what i’m talking about, TheRealDeal was a controversial market focused at selling malwares and exploits which gained extensive media exposure and was involved in some of the more prominent events we had last year such as:

And some other DNM related drama’s behind the scenes.

Few months ago, a member of this market team known as “Ping” was arrested during some unrelated bust of a darknet hacking forum and a carding operation, and two other members were supposedly arrested during the  Darkcode forum bust (their actual status or ID were never confirmed), while the main market admin remained at large.

About two weeks ago, the admin renewed his contact with me and was able to verify its the same person, he also agreed to answer some questions related to the previous events leading him to take down his market and re-launch it, here are his answers:

This situation is pretty unusual… a market being back after being down, up and down again, right after the admin says some of the staff got arrested in the Darkcode bust, what the story behind this?

There is not much that can be said, at least without compromising the very basics of operational security, but what I can say is that most of the original team is not with us at the moment. Currently, at least for the time being, the market will be under the management of me (identified in support as admin S.P.), an old vendor that has stuck with us from the beginning, and a couple of trustworthy people from other darknet communities. I can also add that the main reason of the last down time was paranoia, if it turned out to be justifiable or not, I cannot say..

I guess you know what the first thing that people will think (honeypot), What can you tell them?

People are free to say and think whatever they want, I myself support that very much. But I think the main answer to this question is thinking without the influence of darknet goodies :) If there was any sort of problem on our side, or if we had done anything wrong – we would just rebrand, slap on a new name, some css and new domain – wouldn’t we? I think what’s important is our stand and belief in a fully mutisig market that focuses on high quality digital goods and before we were forced to shut down, we were right on track if not already there. I must admit we also purchased high quality exploits from our vendors for full price and I will also admit that it benefits us in other ways – to have first dibs on brand new exploit code.

When you shut down, it was done without returning users funds in sort of “exit scam”, any plans to returning those missing BTC?

When we shut down, or more like before we shut down, approximately 5BTC ended up in an address we no longer have control of. If anyone thinks this can be called an exit scam they are absolutely crazy, those are peanuts compare to the money made from the market.

We do however intend to collect the very same missing amount from market fees, vendor fees and additional services we are launching. This collection will be fully visible to the public too. If anyone who lost coins during that small period of time can show us proof for his transaction (for example signing a message with they’re bitcoin key used for the transaction) we will be more than happy to pay them back.

Is this the same market or any improvements were made?

The market is mostly the same. At the current stage we are running from a backup that includes approx 10,000 users and 800~ listings. All vendors who registered in the past can login *without paying the vendor fee*. Any account (and associated listings) not used until the 25th of December will be deleted and removed in order to make sure only active listings are presented.

In addition to this, we have created an automated DDoS service (button at top menu) which is up and running, and we will be adding 2 more services in the next few days – The first is a free service that will allow anyone to take a sample of information or database they plan on buying, and check if it was ever made public (by comparing samples of information like email/password combinations etc… with a huge amount of leaked databases that we know of.) This service will be maintained by one of the biggest data breach/leak actors out there.

The other service is a cryptowall generator (or CTB if you like) – This service will cost money and will require the user to input a url that they own to log passwords and other unlocking information, and also a payout address and message. This will produce the user a Fully Undetectable exe that can be used instantly.

We have a few more cards up our sleeves but that is all I can say for now :)

Did you patch those bugs that were reported back than?

The previous most known “issue” where one could see escrow addresses is absolute nonsense created by a failing market admin (he is known on your website as ‘inspector’ and on reddit as a bunch of throw away coward users). Many blockchain indexing services out there know exactly which addresses are associated to which market. We will shut this after we done paying back the 5 BTC that got stuck in limbo – just for the sake of full disclosure.

Anything else you want to add?

911 was an inside job! (no, not really)

32 comments

  1. yes, fuck yes!

  2. Nice job on the automated ddos service! extremely strong

  3. Nice, but where disappeared yours search function?
    BTW in reddit thread is still visible Gwern opinion, where they think about it like about most critical opsec failure.
    We save your ass because many your javascript user do not tumble coins so LE are able to trace down every transaction because every transaction is public instead of private … by your unfixed bitwasp piece of code.
    Also our market never performed any amorale acts against others like performed DDOS or making untrue statuses and articles.
    Anyway our mentioned market was never failed or shill – just for an objective article.
    And please, do not take this as personal insult because it is friendly and objective opinion.

    • inspect her gadget

      inspector is a dirty scammer that can’t speak english and makes no sense.

    • therealdeal

      Inspector, please do not talk about opsec failures, or we will dump your market’s real ip along with all users, pgp keys and clearnet links to profiles right here.

      Don’t tell us we do not know how to secure bitwasp, when you haven’t done so yourself.

      Also stop hiding behind fake names, we don’t.

      Thanks
      TRD Admin

      • dump it all! his mook deserves it.

        We ALL KNOW you planned to EXIT SCAM!!
        and your market HONESTY is a load of shit, you don’t donate to chariy for homeless drug addicts MR MEAN guy so don’t pretend to be some patron saint of gayness!

      • Feel free to post it — finally proof your words, We know much more about OPSEC and anyone else with a brain can compare markets and their functions … it is your market which look unprofessional and also making fake reviews … nobody post reviews if your market show from dust after half year with positive rating ..
        Also when yours market has disappears then nobody cares about it — because nobody uses your garbage place. You still only makes fake reviews and shill over whole darknet … Your mouth is full of shits saying, writing so many lies … continue ddosing another markets and still hoping that other vendors will be use yours market … We are done with you because you are mentally ill …

        • Despite what you say we have approx 50 paying customers for the ddos service and over 10 orders in the past 2 days, top that with 5 new paying vendors and a bunch of old ones claiming their access again. You can even see this as we are going for full disclosure until the market gains 5 btc in fees for the coins stuck in limbo, so don’t talk out of your ass.

          We are done being diplomatic with you Inspector.

          Inspector, owner of the failing Bloomsfield market.
          If you had any understand of basic security you would know the PGP uses a random seed to compute its key, with knowledge of this key it would be quite easy to precompute this key, and in case of your insecure, unpatched and untouched bitwasp running market would make it easy to decrypt sensitive information stored in the database, like messages that users did not encrypt themselves.

          So why do you allow anyone to download this random seed at any time?

          http://spr3udtjiegxevzt.onion.top/application/storage/.gnupg/random_seed

          It is obvious you have no clue about security or cryptography, or even basic understanding of the linux gpg package.

          Oh wait, you also expose all your users and their pgp keys by allowing anyone to download the public key ring from
          http://spr3udtjiegxevzt.onion.top/application/storage/.gnupg/pubring.gpg

          If one would look carefully, they will instantly identify the owners of the market at the top of that file… now lets do some research.

          fauxik [email protected]
          that’s you, looks like you did a Ross 101 Opsec mistake here, because you posted with this nick on bitcointalk:

          https://bitcointalk.org/index.php?topic=611760.msg10819936#msg10819936

          “Hello!
          That sounds you have some experience with Bitwasp.
          Can I ask you some question?

          I testing out Bitwasp and I do not know what I supposed to do.

          I am not sure, but there I may somehow put my admin bip32 private into $master ? But I unfortunatelly I do not know how.” – you idiot.

          Your English looks very good, as usual :)
          You also seem to not have the basic understandings of multisig, public and private bip keys, and can’t seem to run bitwasp out of the box (surprise surprise)

          Maybe we should have a word on BM?
          predajca [email protected]
          [email protected]

          or should we research other names you hide behind like biocanna?

          If we look in the right places, we see you are no more than just a little kid who is active in online gaming too communities too, seems like you have a lot of free time.

          You also do not proxy any requests coming out of your market’s server, and when those requests fail, your server’s ip gets exposed in an error….but we don’t put people in jail, even thought we are not sure a scam market with no sales can even get you there…we will spare you from this one, until next time…

          Good luck sir,
          TheRealDeal Market

        • Sidelines.shadow

          Gotta say – Inspector, you really are pretty illiterate when it comes to using the English language to me, fluency in English is one of the first tells that can be used to spot a potential scam. It’s not the case that all ESL folks are scammers… But it looks like almost all scams originate with people who are ESL. Maybe you should use a grammar check tool first next time?

      • @Therealdeal you dump it and you reveal only some parts of his admin’s password. Inspector confirms it. end of the shits.
        aren’t you tired of useless accusations?

      • you dump it and you reveal only some parts his admin’s password. INSPECTOR confirms it. end of the shit.
        aren’t you tired of useless accusations?

    • therealdeal

      Also please spare us from wild baseless accusations..

  4. sometimes i think Mr D aka MR nice guy is that kid that started and failed with Flomarket couple year ago.

  5. I don’t know JUSTIO – Will you accept this http://spr3udtjiegxevzt.onion.top/application/storage/.gnupg/secring.gpg (suppose to be) secret pgp keyring, as a ring?

  6. You can find me on there now along with Dream Marketplace :) I just wish they could tweak some drug listing’s for more accuracy along with instead of only BTC, we could use standard USD.

    • Thanks for joining us and welcome to our market!

      We have seen your suggestions and are working on applying them, along with a very much needed redesign of the sidebar menu :)

      As to the USD issue – you can set your currency to USD in your profile page.
      Price is currently locked at time of the deal but we are working on a system that will use our own coins, exchange them for dollars once an order is placed and exchange them back to btc when the deal is finalized.

      The reason we have to use our own coins is because we cannot use the users coins which are in escrow, as we do not have full control over the escrow addresses (due to multisig)

      Hope you understand,
      TheRealDeal Market

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *