Silk Road forums

Discussion => Security => Topic started by: nawlinsx on December 18, 2012, 05:42 pm

Title: Emergency! Site compromised?! "SR Quickbuy"image hacking
Post by: nawlinsx on December 18, 2012, 05:42 pm
Update:  This is happening to images from many accounts - see the site's front page:

http://silkroadvb5piz3r.onion/

My images have been replaced with the same images plus a bottom strip extolling the user to send payment to a certain BTC address!

Check this listing of mine out:

http://silkroadvb5piz3r.onion/silkroad/item/bd7806b405

See the image.

I did *not* add the bit at the bottom about the "SR Quickbuy" and I have no idea who's BTC address that is.

Have I been compromised? Has SR?  Has somebody gained access to an image directory and added that?

Please advise!
Title: Re: Urgent! Compromised?! "SR Quickbuy"
Post by: nawlinsx on December 18, 2012, 05:44 pm
Check out the front page:

It's happening across the board!
Title: Re: Emergency! Site compromised?! "SR Quickbuy"image hacking
Post by: nawlinsx on December 18, 2012, 05:50 pm
What's the suggestion?  Vacation mode?  Is SR on it yet?
Title: Re: Emergency! Site compromised?! "SR Quickbuy"image hacking
Post by: CharasBros on December 18, 2012, 06:14 pm
all images on SR is coded in html, so some kids performed SQL injection and injected this text to images. nothing been compromised. dont worry be happy!!
Title: Re: Emergency! Site compromised?! "SR Quickbuy"image hacking
Post by: nawlinsx on December 18, 2012, 06:49 pm
I appreciate the response, and it is likely that the images are the only things affected, HOWEVER, this is the very definition of being compromised.

It is clear that they got to images which should have been secure.  What else were they able to get access to as well?  What else have they done that is not visible to us?

This is serious business.

I'm contemplating moving any BTC that I have in reserve off the site for the time being.

An official response from SR would be in order now.

all images on SR is coded in html, so some kids performed SQL injection and injected this text to images. nothing been compromised. dont worry be happy!!
Title: Re: Emergency! Site compromised?! "SR Quickbuy"image hacking
Post by: NorthWestDirect on December 19, 2012, 06:57 am
DPR just chimed in with a thread: http://dkn255hz262ypmii.onion/index.php?topic=94596.msg669418#new

NWD