Sourcery Market Down Briefly

In response to this thread, https://www.reddit.com/r/DarkNetMarkets/comments/6qvs2m/sourcery_market_security_vulnerabilities/, we are bringing down Sourcery for a little bit while we look into the issues found. We will be back online shortly.

I will post more details as I read through everything.

Sourcery

UPDATE: We will be down approximately 1.5 - 2 hours while we look through the points made and made updates. If that timeline changes, I'll update accordingly.


Comments


[23 Points] trynakick:

To everyone telling sourcery not to come back. Aren't they doing things exactly right? The community finds an issue, they go down to fix it.

If anything the person who found the issue should have contacted them first for a bounty. It doesn't look like that happened.

I'm no expert, but this mistake does look super basic, so maybe they are in over their heads, but once it's fixed and they have an established protocol for bugs, why not welcome them back?


[16 Points] cantsmokeme:

Never come back online if I were you. It's called quitting while ahead, but you got that dopamine flowing already. You're too hooked.


[15 Points] 34190849014433740734:

These security flaws are really basic stuff dude, you need to hire some pentesters and some devs that are aware of security practices or I 100% expect a post in a month on here announcing you've been hacked.

Also why did you reveal your location?


[9 Points] None:

Good luck fixing it. Just saying if you have all those issues then maybe time for the drawing board?


[4 Points] PM_UR_DNM_TAKEDOWNS:

Consider hiring pentesters?


[3 Points] Atrophried:

From my brief reading, I understand that you may have good intentions on running this market, however with the vulnerabilities discovered being of quite some concern (considering these vulnerabilities are expected to not be present in any market), I can't ever see myself using Sourcery.

Not trying for a dig, just being honest. You would be expecting this same response from a lot of users, so be prepared for well reasoned reluctance to join Sourcery.


[2 Points] fa-yeerrr:

Is Sourcery's code open source?


[2 Points] ice_cream4breakfast:

Don't give up, learn and improve


[1 Points] InsanityDRM:

After reading about these exploits I'm sure once Sourcery comes back online I can find a few more. Sips coffee


[1 Points] TILYouLoveDrugs:

Using these bugs alone can lead to many empty wallets. Not to mention the arrests lol


[1 Points] HardC0r3:

Damage already done. Everyone was able to read Messages (also LE). you should be removed from the Superlist.


[1 Points] datadotzip:

Could someone send me a PM once this market returns? I will do a full security audit. With the amateur hour that was uncovered in that thread, there are -sure- to be more slipups.


[0 Points] None:

Dude, your OPSEC is just terrible. I'd recommend closing down and learning from your mistakes. Seriously man.


[0 Points] None:

Just hang it up man.


[-3 Points] None:

[deleted]