Grey Market exit scammed. According to one of the market's administrators, a second administrator had emptied the cold storage wallets and vanished with the funds users had in escrow. The exit scam likely surprised only the market's most loyal fans.

ps admins you can mark Grey Market as [exit scammed] and ban all our official accounts

An Administrator of Grey Market

Clarification: A previous version of this article failed to properly explain that Gustav had stopped attacking White House Market, Monopoly Market, and Darkmarket.


After more than a week of intermittent uptime, the market went completely offline between four and six days ago. Different users have provided Darknetlive with different dates and it looks as if vendor mirrors worked for longer than the public mirrors. On December 27, one vendor wrote that they had lost access to the market (via vendor mirrors) “two days ago.” A number of buyers complained about 502 errors since before December 25. Nevertheless, vendor mirrors completely stopped working at some point after Christmas.

A Post Made by the Grey Market Admin on Dread

As a result, incoming and outgoing payments also stopped. Customers could not finalize the orders they had received and vendors could not withdraw any Bitcoin. Some stood up for the market on the market's subdread. In an official announcement thread, one vendor wrote, “yea you are right, they have been great and i don't think is an exit scammed [sic].” The vendor also wrote that Grey Market had blocked new transactions since “2-3 days before the ddos” and that a market planning on exit scamming would have allowed transactions until the very end.

Distributed Denial of Service

Grey Market was one of several small markets struggling under the weight of an especially powerful DDOS attack. According to a market administrator familiar with the ongoing attacks, the actor responsible is essentially able to take any onion service offline. Facebook's onion service is one of very few exceptions acknowledged by the attacker.

One market administrator told Darknetlive that Grey Market had used the ongoing DDOS attack as an excuse for the rogue administrators actions. The actor responsible for the DDOS has also attacked markets such as White House, Monopoly, and Darkmarket. The attacker eventually stopped hitting those three markets. All three are still here. Several smaller markets, such as Yellow Brick and BitBazaar, are allegedly struggling under the same DDOS attack.

But an exit scam is an exit scam. The Grey Market administrator responsible for the message on Dread claimed the theiving administrator had used the chaos caused by the DDOS attack to “take a chance” at emptying the market's cold storage. The DDOS attack could have inspired the theft of the funds in cold storage but marketplaces with their own wallets can steal funds at any given time.

The Message

Below is the message posted on Dread by u/DrkMrkRIP. The user created a new account to post the message instead of using one of the existing Grey Market accounts. However, the signature checks out. If some random person has access to their primary PGP key, the market has more serious concerns than a DDOS attack.









P.S. This is the same marketplace that Dark.Fail Tweeted about several weeks ago when one of their (now former) staff members went rogue.

and again