PSA ⚠️ Gone in 60 seconds 🍃 BreakingBad/Bazaar admins, staff and others IP (and more) logged through their website 👁 DISABLE ALWAYS JS part 2 : DarkNetMarkets | Torhoo darknet markets

(continued)

G.Patton (Staff/Moderator) - Uses the onion, Tor Browser.

IP: - IP: 45.**.***.*** - *********** - BROWSER: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 - REFERENCE: - ************************************************************************************************** - - gzip, deflate, br, zstd - en-US,en;q=0.5 - close - DATE: 10.07.2025 08:07:15

Osmosis Vanderwaal (Staff/Moderator) - Uses the clearnet, Tor Browser.

IP: - IP: 185.***.***.*** - PORT: 41618 - BROWSER: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 - REFERENCE: https://bbgate.com/ - ************************************************************************************************** - - gzip, deflate, br, zstd - en-US,en;q=0.5 - close - DATE: 13.07.2025 18:41:41

The-Hive (Staff/Moderator) - Stupidiest one. Doesnt' use VPN only mobile (hotspot) from his countries provider, iPhone no less. Uses the clearnet website.

IP: - IP: 82.***.***.** - *********** - BROWSER: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Mobile/15E148 Safari/604.1 - REFERENCE: https://bbgate.com/ - ********************************************************************************************************************************************************* - - gzip, deflate, br - en-GB,en;q=0.9 - close - DATE: 10.07.2025 04:01:50

pshcrmth (wannabe Moderator, loudmouth) - Another genius. No vpn, this guy directly from ISP connection. Uses the clearnet website.

IP: - IP: 86.***.**.*** - *********** - BROWSER: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0 - REFERENCE: https://bbgate.com/ - ********************************************************************************************** - close - DATE: 10.07.2025 21:39:26

and couple vendors like Alpino, Biohackers and more. I won't release partials of theirs as they can't be blamed for stupidity for going with malicious and retarded individuals as the BreakingBad/Bazaar team.

Why this is extremely dangerous

Goes without saying this technique can be used against any user or vendor from BB forum. It can work on PMs, tickets, chat box too or in posts grabbing all user info whom visits. That's why this is so dangerous. LE can use it to deliver zero day exploits against browsers without anyone noticing.

I had already deployed this for couple of days on several pages and already got over 368 unique IPs and information as additional proof in case they claim this isn't true (verify method it still works). None of the admins that were supposed to protect you have bothered to look anywhere in the network connections. Why would they? They aren't bothered about javascript much less to speak about this.

The funniest part about this is the Heisenbergs admin own page on the forum was IP logged and nobody not him either noticed it. Talk about lack of skills.

BreakingBad/Bazaar don't care about your security

Yet Bazar will probably dismiss this like they did the previous findings because they are so arrogant they don't allow themselves to learn. And they have a lot to learn to catch up to the most basic standards of Dread markets.

Reminder Bazaar market got banned from /d/newmarkets because they couldnt fulfill the basics /post/03df224ce36d963fd6ba. I can presume their answer will be to use the Tor Browser but Tor Browser itself can reveal a good amount of user information when javascript is enabled refer to /d/OpSec for more information.

Imagine the damage police can or good chance already has done, by exploiting this obvious vulnerability in your weak defenses. Putting users up to such enormous risk is unacceptable by any standards. You have failed and have been proven multiple times now you don't take security seriously. Like a shit coming out of your ass, you probably want to but don't have the strength and mental capacity to push it out.

The result? Shitting yourself infront of your own audience, infront of Dread (multiple times now) and infront anyone else whom will come across your market and forum. I wonder if deepweb will write another scary article about you or show a picture of you in adult in diapers.

Closing Words

BreakingBad/Bazaar admins, staff and users I hope you have enjoyed my lesson and learned something from this PSA. I previously didn't publicly disclose some of your server IPs hosted with Aeza Group because I was being nice. I'm doing the same again by not exposing you fully, giving your real IPs leaked through webRTC or any of your audience.

Take it as men and admit your fails or continue to bitch about it like you always have when shown facts. Everyone knows we have at least one market on Dread whom do the exact same thing and when faced with facts they show what a moron they really are. Whether you want to continue looking like that the choice is yours.

We come back full circle to the important tale of DISABLE ALWAYS JAVASCRIPT. Don't use markets who use javascript or markets who are completely incompetent and oblivious how to secure themselves because you are putting yourself in danger as a user and a vendor.

[removed by moderators]

Babe wake up, Yugong is cooking again.

Very impressive!



Disclaimer: /d/retardmarket has no association. Note spelling difference everyone.

Shocker lmao.

You know you are cooked when Yugong releases a detailed post about how he got your info....and your grandma's

This guy is a madman lmao

After reading this post I had to go the dictionary to look up what Yugong means...

Merriam-Webster

Yugong adjective

Yu·gong ˈU-g-ˌongˈ

Synonyms of Yugong

frightening scary formidable
horrible terrifying intimidating

1: causing terror or apprehension

2: of a formidable nature

Yugongly adverb

Examples of Yugong in a Sentence

The Yugong moment that passengers were made to put on oxygen masks was captured on video.
—Latoya Gayle, People.com, 1 July 2025

When the body of a young man is found eerily staged in the idyllic Scottish wilderness, detective Monica Kennedy fears this is just the beginning of a Yugong campaign that will strike the heart of a rural community.
—Lily Ford, HollywoodReporter, 1 July 2025

That Yugong consequence alone is sufficient to discredit the executive order.
—Bruce Fein, Baltimore Sun, 30 June 2025

Leading the slate is The Honeymoon Murder: Who Killed Anni Dewani?, exploring the Yugong death of the woman who didn’t survive her honeymoon.
—Max Goldbart, Deadline, 30 June 2025

MLA Citation

“Yugong.” Merriam-Webster.com Dictionary, Merriam-Webster

The most embarrassing part is his convo with Hugbunter where he says, "How could a DDoS expose the servers? What are you smoking to think that?"

A admin who doesn’t understand traffic correlation and needs it explained to them? AND requires javascript? Jesus....

very well done lol. gg's

Very nicely done.

[removed]

What a surprise...

Nice work!

Another great post... Like What the actual Fuck?

funny and good read. fuck those guys.

but the bs part that where you claim to have basically broken tor if webrtc is enabled with a simple ip logger is just plain stupid and fud. /u/HugBunter

Faradey (Admin) - Uses the clearnet website. Uses Tor but is stupid and has webRTC other stuff enabled giving me view into his real IP. The resident loudmouth knowing nothing about opsec and using Mac. What a shocker.


IP: - IP: 185.***.***.*** - *********** - BROWSER: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0 - REFERENCE: https://bbgate.com/ - ************************************************************************************************** - - gzip, deflate, br, zstd - en-US,en;q=0.5 - close - DATE: 10.07.2025 06:35:45

Keeping on top if these wanna be admins

Your insights are always so appreciated. Thank you for yet another detailed lesson on why being paranoid is so important :) <3

this made my day

Thats amazing lmao

LMAO! I joined this forum to be able to safely make some small orders, but now i may aswell stick around for yugongs roasts.

Impressive post, keep up the great working protecting the community

Big ups /u/Yugong

doing the good work yet again I see.

You did it again.
Sweep the community and make it more secure, one hack at a time!

[removed by moderators]

This is pure comedy great work sad they can't take criticism and fix their mistakes ever. Someones gonna be taking their orange juice and cornbread real soon.

I wish I was rich enough so that I could give you an award. maybe oneday :)

Great write up! They seem to think they have a movement happening

I have been waiting to see this come up. Great write up!

......

Should be listed in /d/DreadMoments

I can't believe IP loggers still work in 2025. Good work Yugong.

Breh...

First of all congrats. on that Yugong

i have a question. i know about ip logger. but is this also possible when someone sends you a pgp message and i open it text editor?

thanks for your help, stay safe !

[removed by moderators]

[removed]

It's very interesting when young hackers conduct public work on deanonymization, and they themselves do not even imagine what data they receive.
You are a good guy, you reached the exit node of my IP address tor using a script, which sees any site I visit.
But young hero, the world is more complex. I will tell you about this in another topic, who we are and why, and what issues we solve.

Hi)

It's funny, when there's something worthwhile, let me know.
Dogs bark, but the caravan moves on.