high-risk bugs regarding Alphabay Marketplace (WARNING)

hi to all i have opened ticket to warn support of alphabay regarding 2 high-risk bugs without response, now i have dumped all private messages of buyers and sellers over 200k with high risk with information of first/last name and addresses of users and track id of packs sent from sellers, and all users (id, nickname) over 1 million and 130k of this market with this bugs, all your messages are available to everyone, please, guys, be careful, OK?

proof :

i have censured addresses and id track.

in final I would like to talk to admins (alphabay) regarding this situation.


Comments


[45 Points] ewoiwqeieiqw:

I hope that you're a reasonable person. And I hope that the AB admins are too. If this is true they should pay you a huge bug bounty. Releasing something like this would set the community back quite some years. Regardless of liking or disliking AB. This does beg to question whether other people (or LE) have this information. How hard was this to crack?


[29 Points] greenclipclop:

Assuming this is legit, thank you for not selling this data to either the government or whoever for the biggest bounty.

You are a good person and if I was alphabay I would reward you hansomely.

If you leaked this data it would destroy that entire company and website.

Think about this, guys.

This man deserves respect. He certainly has mine.


[22 Points] kittyisland35:

Jesus christ. Thank god I always used PGP, and thank god that /u/Cipher0007 is doing the right thing by alerting the community to this. Cipher, you're a good person. Don't back down, please make sure alphabay gives you a very nice reward. You could destroy their entire website if you wanted to with this bug, and considering the millions (billions?) of dollars that have circulated through AB you have a lot of power over them so don't accept any shit from them. Good luck.


[18 Points] entrippy11:

Does this include buyer/seller notes or only the feature called "Private Messages"?


[10 Points] wombat2combat:

/u/alphabaysupport /u/trappy_AB


[13 Points] alphabaysupport:

We are looking into it and will revert soon


[11 Points] Elli0t-H:

This begs the question, why arent users using PGP as standard for all comms?


[7 Points] -thuggy:

does this also include really old "deleted" messages?


[4 Points] canlsdhelpmeee:

What does this mean for personal use buyers who have used alphabay?


[2 Points] yehnahnahyeh:

can i ask what is your occupation? I'm impressed.


[2 Points] LordDongler:

Daily reminder to use PGP for everything other than "when might it show up" and "you scoundrel, you have absconded with my money"


[1 Points] hoploir:

Proof?


[1 Points] NotoriousOnDeck:

Is this realted to the API bug


[1 Points] None:

[deleted]


[1 Points] Catnipstheshit:

Get your coins out of ab now before they exit haha


[1 Points] TheRealRocketship:

lmao


[0 Points] None:

[deleted]


[-1 Points] None:

[deleted]


[-5 Points] jack19056:

How do you expect others to believe this with just screen shots. Any one can edit the HTML with developer tools (settings/developer on the upper right corner) and take a screen shot.


[-16 Points] RickAndCunty:

Should have sold it. You could have made a nice sum of money. Far more than the gypo cunts that run any marketplace will give you.