Silk Road forums

Discussion => Security => Topic started by: pharmacypowder on October 07, 2013, 10:45 pm

Title: Thing someone may have tried to infect my computer through PGP
Post by: pharmacypowder on October 07, 2013, 10:45 pm
So, today on BMR I get an order with a PGP encrypted address. I decrypt it and it's a link to a clearnet image site that I DID recognize as it is used all the time so I thought maybe the guy was just stupid and uploaded his address to the clearnet image site and figured if I used TOR, there would be no issues. I go to the site and it doesn't even load and gave me the regular message when a site doesn't load so it didn't look sketchy or anything but I feel like an idiot for opening the link, I normally never would it's just I really need any business I can get after the road went. I feel like smashing my computer at least....

Title: Re: Thing someone may have tried to infect my computer through PGP
Post by: sourman on October 08, 2013, 03:33 am
Some image files can be used to execute malicious code and take over a system. If black hats can use images to install remote administration tools and keyloggers to watch you, then LE certainly can.

I would switch to using a PC with no hard drive that is only used for booting TAILS off a DVD. That way even if you are briefly compromised, you can always reboot to a clean OS without any crap remaining on your PC.

Title: Re: Thing someone may have tried to infect my computer through PGP
Post by: Nightcrawler on October 08, 2013, 12:16 pm
So, today on BMR I get an order with a PGP encrypted address. I decrypt it and it's a link to a clearnet image site that I DID recognize as it is used all the time so I thought maybe the guy was just stupid and uploaded his address to the clearnet image site and figured if I used TOR, there would be no issues. I go to the site and it doesn't even load and gave me the regular message when a site doesn't load so it didn't look sketchy or anything but I feel like an idiot for opening the link, I normally never would it's just I really need any business I can get after the road went. I feel like smashing my computer at least....

Your basic problem is that you're allowing your desperation to overcome your common sense. I can't say whether your computer has been infected or not, but it is well known that image files CAN be used as a vector for malware, as sourman has pointed out.

Consider that DPR was busted less than a week ago, yet these Forums are allowed to continue to run. Why is that?

I think this is because LEA is monitoring what is going on, including all the PMs that are currently being exchanged. There is considerable discussion as to where to go to now, people are looking for vendor contact information, etc. This site is an information bonanza for them -- why would they want to shut it down?

Likewise, they're not going to be loath to take advantage of the desperation on the part of both customers and vendors alike. Intelligence gathered now may lead to a bust a few weeks or months down the road. THINK ABOUT IT, for cryin' out loud.

Nightcrawler
4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
PGP Key Fingerprint = 83F8 CAF8 7B73 C3C7 8D07  B66B AFC8 CE71 D9AF D2F0


Title: Re: Thing someone may have tried to infect my computer through PGP
Post by: pharmacypowder on October 08, 2013, 10:07 pm
I totally agree with all of you, it was retarded on my part to do such a thing, I obviously know the feds are reading this (FUCK YOU BTW) but I am a vendor from CANADA that ONLY sold Xanax. The maximum term for trafficking Xanax (benzos) in Canada is ONE year in jail and that is the MAX. NO ONE in Canada gets the maximum unless you are out on bail for murder or some shit. Canada has VERY lenient drug laws and even though I shipped to the USA, SO, SO many of the big USA Heroin, Cocaine, LSD (schedule 1 drugs as they are known here in Canada, the worst to get caught selling) are ALL already set up on both markets. Canada would not extradite someone selling benzos even if the USA wanted me which why would they? If the high profile USA sellers were reporting similar things maybe I'd be a little nervous. There are no drugs in my house, I do not talk on the phone EVER, and without getting into details, I am nowhere near any product or where it is shipped from.....I am not that worried. I will probably smash this computer but as long as I am using TOR and connections that do not belong to me, then I think all I need to worry about is key loggers and that kind of shit so a new computer without transferring any files over fixes that.... The thing with keyloggers though, how can they prove who is behind the keyboard especially when using TOR and a connection that is not yours? Even if the computer is tied to your name somehow, you could have sold it to a friend or something (my computer is NOT tied to my name in any way)....My webcam is covered with black tape because I have heard people can view you through your own webcam (don't know if this is true but I have no use for the webcam and if it is true, that would be a great way to tell who is behind the keyboard)

So honestly, I probably will get a new computer but I am worried because I NEED my PGP key to be the same as that is how all my old customers can verify it is me. Can any virus protection software find these keyloggers? I got something at home that is NOT an anti virus but claims to get viruses that get PAST the anti virus. Is this even worth using or are these things so hidden nothing can find them?

What do you mean switch to a computer with no hard drive?? I would love no hard drive but how do you have a computer with no hard drive? I don't know much about TAILS so excuse me if I sound stupid which I know I am for getting myself into this in the first place. My computer is totally encrypted as well though....Like I said, there is NOTHING even close to the city I live in related to my business except a laptop that is encrypted. I sell a drug that has a very low max prison term, if they wanted Canadian vendors, there is a shit load of the big ones set up on both markets already, I think I am a little fish in a big fucking ocean even though I was in the top 12%...