Silk Road forums

Discussion => Newbie discussion => Topic started by: MisterMcfeely on June 11, 2013, 11:45 am

Title: new scammer targetting vendors "Private Server"
Post by: MisterMcfeely on June 11, 2013, 11:45 am
Just got another PM from another chump tryna steal out coins.

It's from "Private Server"

Subject:
"* INVITATION * Private Server only for Vendors"

Body reads:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello our fellow Vendors!

After the series of DoS (denial of service) attacks a month ago, we decided do a step which was seriously considered for some time. And it is separating the buyers and sellers area to different servers, which allow you handling their orders without participation on main server over-load and also in case of general unavailability.

The address to access new server called Vendor Panel is:


http://URL REMOVED FOR SAFETY


Most of the sellers were invited already month ago, and now the gate is opened for all of you (including new vendors and recently active ;-)
The main aim is to keep this new server PRIVATE, not public, therefore do not spread any information about, except the hidden Vendor roundtable forum (you can ask for the access together with refund of your bond).
This way we want prevent leakage and avoid the attackers who will have no clue about this server.
The address will be changed later, the current is just random assigned address by Vidalia, because it takes a while until special application for this purpose generate usable and easy to remember one (8 letters takes over 20 days btw). Some of you who are with us a bit longer sure remember even SR was before on one of such addresses, I personally still remember it from head (ianxz6zefk72ulzz:-)

Please note: During the first time login, you will have to enter and confirm some other settings (seller account for example now can't have the home location undeclared)!
This is especially due to new personal wallet interface, which is from now same as this new server completely independent part of the system (mean another security layer)! And we want to stay far away of using JavaScript at all, therefore some functions requires a direct load. As we decided to separate the wallet system from main SR server, instead of just creating a bridge.
Also during the first login, some new values are needed to be added and actualized on your account ID in database, to allow functionality of this new vendor panel which current SR db don't contain (basically this is done in background by scripts, just informing).

The new vendor panel also introducing few new features. Between them for example export of orders to txt file with values you set (faster to decrypt in your client at once than one by one), and also some marketing focused tools, which will help with increasing your customer base - PM newsletter for fans, statistic of bookmarked items, basic month sales chart and so on.
Simply we gradually want to upgrade the system to become a equally useful tool to a modern e-shop solutions (but of course fully inside TOR security frame, without using JavaScript), and make your business easier!


If you are curious what else the new vendor panel brings, do not hesitate to look inside and try:

http://URL REMOVED FOR SAFETY

Yours,
Dread Pirate Roberts and SR dev team


Please BEWARE: You should never use your sensitive login data on foreign websites, except silkroadvb5piz3r.onion.onion and this new one:
http://URL REMOVED FOR SAFTEY
Please bookmark it for use until new easy to remember address will generated!
We are looking forward on your opinions and possible help with fixing some bugs! Please keep in mind this new server is still in real-time debugging!
We created this special account for communication with you on this matter! Always at least one of our engineers will be on the hand to response.
This message is signed of course with my personal key to allow you verify it's integrity.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEfBFDBcgAGBQQJpK8y3AoJEAIiQjntnol/yusIALCChZM49sth+5wudmHXeI5P
Lu1aZuIUQdNVyvK51omKFugB1oH4Fv+X7s+p2bFrUy1Ras5qtvBQf3qo9xF2doUj
QvPlN20cZX7+bRcjUqW8w+SKxD0BB+Q0twkE04uQj4iggMyZWzjdN5IFTxnW1kmg
i/HYh8HkS3bB20bjHJg1wQVhxX8E0E4ie+1K8i8d9ofwv2uRc37PaXqPVmpFE7AD
bvnF9EH5iHfl8gOeRWU6Vch2NFf9s6zR2yOBCxo4tHsMarlsOjktMVX0Vh0RCn2d
FPheQyPgblSPOmSRYQCIfBxwei6sniCkX/i7dd/l5A7fqqjfelv3HBk8bBulfM7=
=ix49
-----END PGP SIGNATURE-----


Users beware.... They are out to get you!
Title: Re: new scammer targetting vendors "Private Server"
Post by: MisterMcfeely on June 11, 2013, 11:47 am
Looks pretty legit, huh?  8)
Title: Re: new scammer targetting vendors "Private Server"
Post by: HighGirl on June 11, 2013, 04:47 pm
I also received this message. It does look very legit. I actually entered my username and password, and then it asked me for my PIN and that's when I got really suspicious. So I quickly changed both my Password and PIN (even though I never actually entered my PIN, they did get my original PW).
Title: Re: new scammer targetting vendors "Private Server"
Post by: THCKingCA on June 12, 2013, 12:55 am
Got the same message!