[PSA] Enable 2-Factor PGP Authentication! Do not use Evolution PWs on Agora!

Cross-posting from Agora subreddit:

I'm posting this because a handful of people have started noticing passwords being changed, unauthorized withdrawals from accounts, etc. Nearly all such people have had two things in common:

  1. They used the same Login/Password credentials on Evolution

  2. They have no PGP authentication on their Agora account

It is clear by now that someone is going through the Evolution user database, trying Login/PWs on Agora, noting the "hits", then stealing any coins on the account, or waiting for those users to deposit coins so they can be stolen. If your Agora account has the same credentials as your former Evolution account (or any other DNM for that matter), change your password and enable 2-factor authentication. Both can be done under the "Profile" tab on the market.

Even if your Evolution PW was different, everyone should enable 2-FA regardless. There is simply no reason to leave it un-used; it renders your account practically immune to these kinds of attacks. Obviously this means familiarizing yourself with PGP, generating your own personal public/private keypair, uploading the public key to your account (in the "public info" setting under the profile tab), and so forth. I recommend GPG4USB and the tutorial here.

If you fall into the above 2 categories, make the changes now before you get hit. And please don't post "Agora stole my $30", they had nothing to do with it.


Comments


[4 Points] QLDGreat:

This is hardly surprising. Remember these guys are carders. Before Evolution, they literally made their money from selling people's financial data and stealing money from people's accounts. This is what they do best. I wouldn't be surprised if the database is being sold in chunks on a carder forum somewhere.

The only thing that surprises me about this is how greedy they are. If it were me I'd be taking a well earned break, sitting on a beach somewhere in South America, cashing my BTC out slowly to buy 8 balls of coke, blow jobs and jiu jitsu lessons. But I guess they enjoy doing this sort of shit.

If this doesn't make people change their habits, then I don't know what will. Only ever use multisig on marketplaces with known fraud links, always use PGP, and never, ever ever reuse passwords.


[2 Points] IGetDankShit:

I'm confused. Let's assume I did use the same credentials on both markets. How would a random attacker know the password I used on Evo to begin with? Or are you saying that someone with access to the Evo database of logins/PWs is now attempting to drain Agora accounts?


[2 Points] None:

I don't feel bad honestly. Shouldn''t be using same passwords and should be using 2FA. come on people. don't cut corners.
Still Evo is Scum. but what did you expect from people who advocate carding and fraud?


[1 Points] colesaw:

Yes the reddit account Z-I was claiming to be a programmer on Evo had leaked several Evo account usernames/ passwords in the aftermath of the evo scam.


[1 Points] young_k:

i wish there was an easier way then pgp for 2fa, i mean jeeze its just so dang complicated /s


[-1 Points] Vendor_BBMC:

I can't help but feel partly responsible. Sorry, Agora.

If you check your support queue about 3 weeks ago, you'll see that I tried to give you as much warning as possible. We thought it would take a week, but Evo's own moderators bought it down 5 hours after we fired the first shot.

They hadn't been paid, and unlike Evo (and the head admin, also a former TCF fraudster), they were honest.

I used to message support and speak to the ead honcho directly. I realize that my message was probably read by an admin who doesn't know me from Adam. He probably thought I was a nutter and didn't pass it on, then it will have been lost in the support queue under a tidal wave of new vendors and users

I've been released back to being a vendor today. In retrospect, we could have waited a day and discussed it with agora, but that would have made Agora culpable. I don't think they are one of those markets that attacks other markets.

Just when you'd got it running really fast, too.