IMPORTANT! Missing coins, Deposit not showing, Password changed. Public service anouncement

After reading this subreddit for awhile there seems to be major issues:

  1. Coins disappeared from wallets
  2. Passwords being changed with coins in wallets
  3. Withdrawal pins being changed

These issue have occurred on every single market that has any decent size user base. Most users blame corrupt admins while the community says they got phished. I suspect its neither. Since it happens on every market almost daily to various individuals across markets and the fact that some users never have this occur at all on any market there is only one solution.

The people having these problems are most likely reusing credentials from marketplaces to forums. In other words they use the same login id and password that for example they used on sheep or the old tormarketplace or wherever. Surely there are admins from those shuttered or active sites that have a whole database of user ids and passwords they go around active markets testing or sold the info. Also using the same credentials on a forum for the market could spell trouble as maybe corrupt moderators have access to only forum passwords and not market passwords and just get bored and try to login and steal.

EDIT: I don't want to say that this is the ONLY way you can be compromised. Phishing and selective scamming admins are always a reality also.

Bottom line never use the same password for anything no matter what closed market or forum NOTHING. And you should change user names also every single time.


Comments


[5 Points] bernardo44:

Wow, interesting theory! Now we gotta wait for the next user to post about that problem so we can try to get your theory validated.

I think it makes a lot of sense.


[4 Points] seriouslynowwtf:

Also the wordlists created by things such as the Adobe hack means some very secure passwords are useless if reused.


[4 Points] Mattt9998:

You all should use something like this to generate a random long password, http://strongpasswordgenerator.com/

and should use a different password for every site


[2 Points] nsgiad:

I know for myself (being one to usually blame it on phishing) I totally overlooked this option because I (very incorrectly) assumed everyone knew better than to reuse credentials. In retrospect, this is the most solid theory and explains why it happens across the board.


[1 Points] Baifong:

Never thought of that. I use the same login on the darknet sites too. Never had anything missing yet though.


[1 Points] None:

[deleted]


[1 Points] STIMUMAN_UK:

This is possible,i actually feel sick today following the loss of all my coins,which i doubt i will actually get back,no matter how many times i contact the agora admin


[1 Points] None:

Geez people are now just thinking of this!! Of course using te same usernames and passwords on all these sketchy sites is a bad idea I rotate usernames and passwords on everything and I'm just a buyer vendors really need to be careful!


[1 Points] viceroy258:

I've mentioned this in similar old PSA's, that using the same credentials for everything, and even for just dark net markets is a bad idea. I've had one username/password combo compromised once, and I just redid everything after that.

P.S. Also, try and always use passwords that are over 12-16+ characters in length.