Silk Road forums

Discussion => Security => Topic started by: blackend646 on February 15, 2013, 12:26 am

Title: Anyone else receive a PM from user "L7"? Very suspicious..
Post by: blackend646 on February 15, 2013, 12:26 am
I got a PM this morning from a user called "L7". The subject line simply reads "plants" and the body is just a privnote link with absolutely no explanation whatsoever. This person only has 36 posts, all of which are merely periods and random numbers spammed on the newbie forum. Did anyone else receive a similar message?

I advise everyone against following any such clearnet links, as they can potentially de-anonymize you.
Title: Re: Anyone else receive a PM from user "L7"? Very suspicious..
Post by: jnemonic on February 15, 2013, 06:16 am
I recently received from another person the other day, they had zero posts to their name, and was asking me stupid questions...it didnt even warrant a reply.

Keep your ship tight and just delete, delete, delete.. ;)
Title: Re: Anyone else receive a PM from user "L7"? Very suspicious..
Post by: Tessellated on February 15, 2013, 08:04 am
An old trick to getting someone's IP, or in the case of TOR their exit node is to PM them an image. Wisely this forum has disabled images.

But if you follow a link then an attacker can see what exit node you are on. What is more the target of the url could contain malicious javascript code or code that takes advantage of bugs in common browser extentsions. This could potentially compromise your whole system.

There is a DEFCON talk on you tube, search for "Defcon17 - Weaponizing the Web", and you will get a hint at what sort of attacks a link can hold. They are after your bitcoin wallet.

Good to use a hardened browser and only use it for specific anonymous tasks, not any sort of every day browsing or link following.