Silk Road forums
Discussion => Security => Topic started by: stewpudaso on December 25, 2012, 01:28 pm
-
I usually start my tor browser, then go to silkroad wikipedia. Once there i use the URL listed to Login to silkroad. This morning I did this and noticed the URL had been changed, i clicked the new URL and the login page is now asking for my pin number. Is this a scam or a new security measure? I used another method to login.
-
ya peeps change that shit all the time
-
I am aware that the URL Changes periodically but why should I be asked to give my pin number during login? Isn't my pin number just for purchasing?
-
dont give your pin number or your account will be hijacked (phising). SR is not down!
-
http://dkn255hz262ypmii.onion/index.php?topic=95876.msg681288#new
scam
-
I usually start my tor browser, then go to silkroad wikipedia. Once there i use the URL listed to Login to silkroad. This morning I did this and noticed the URL had been changed, i clicked the new URL and the login page is now asking for my pin number. Is this a scam or a new security measure? I used another method to login.
Next time your on the SR homepage, just BOOKMARK the site for future access instead of having to go to Wikipedia each time to copy/paste the SR URL.
-
Can you seriously not remember a simple URL like SR's???
Just memorise it.
-
Why memorize when you can just Bookmark it within the Tor portable installation? I also keep the link with my other important files which are in a hidden, TC container, on a removable drive.
-
http://silkroadvb5piz3r.onion bookmark this....period.
X)
nomad
-
You should store TBB and your PGP software on encrypted media, then you can bookmark the URL or save it in a text file and avoid this problem.
-
I know it is stupid but this scam got me. I was drunk and without thinking entered my pin. I really wish I was smart enough to check out this forum earlier. The prick stole $280 with of BTC. I changed my password and pin now but the money is gone.
I guess there is nothing I can do to get my money back...? Guess I deserve it for being idiotic and lazy. Lesson learned.
-
Why memorize when you can just Bookmark it within the Tor portable installation? I also keep the link with my other important files which are in a hidden, TC container, on a removable drive.
Why wipe your ass when someone else can do it for you?
It's an easy URL not the Divine Comedy
-
Why memorize when you can just Bookmark it within the Tor portable installation? I also keep the link with my other important files which are in a hidden, TC container, on a removable drive.
Why wipe your ass when someone else can do it for you?
It's an easy URL not the Divine Comedy
No need to be an asshole about it.
Merry Xmas
PG
-
I really cant understand this... This is the 2nd or 3rd person today that has been got by this guy Phishing.. Members when ANYTHING IS not a normal SR LOGIN then back off it.. An second Why is it sooo hard to BOOKMARK THIS PAGE?? Or highlight copy open notepad PASTE it then Save as to a USB stick? Save the SR Link and the SR fORUMS link.. And any other Tor sites in your Book marks or your notpad on a USB file.. Or hell print them out and hide them in a book somewhere... Im not 100% on security but im not far from it and i just dont understand why people use all this diffrent places to get to sr
-
I really cant understand this... This is the 2nd or 3rd person today that has been got by this guy Phishing.. Members when ANYTHING IS not a normal SR LOGIN then back off it.. An second Why is it sooo hard to BOOKMARK THIS PAGE?? Or highlight copy open notepad PASTE it then Save as to a USB stick? Save the SR Link and the SR fORUMS link.. And any other Tor sites in your Book marks or your notpad on a USB file.. Or hell print them out and hide them in a book somewhere... Im not 100% on security but im not far from it and i just dont understand why people use all this diffrent places to get to sr
Bookmarks and notepad here. This by far the easiest method and you are always going to be correct and never phished. ;)
-
No need to be an asshole about it.
Merry Xmas
PG
I'm not being an asshole about it at all (sorry if it came off that way), but here, see this guy - he relies on bookmarks, but when he got a new laptop, he used Wiki instead and fell for the phish: http://dkn255hz262ypmii.onion/index.php?topic=95960.msg681704#msg681704
Seriously, there is no need to rely on anything else when all you need to do is just memorize 6. simple. characters. and you're set.
Merry Christmas.
-
Members when ANYTHING IS not a normal SR LOGIN then back off it.. An second Why is it sooo hard to BOOKMARK THIS PAGE?? Or highlight copy open notepad PASTE it then Save as to a USB stick?
I would love for everyone to save important data locally and not rely on untrusted third parties like easily vandalized Wikipedia, but you have to consider that some people don't have full control of their computer. They share a computer with family or roommates, or they go to a library, university, or internet cafe, and they don't want evidence of accessing SR on disk. An encrypted thumb drive is their best option, and I plan on writing a tutorial for that in the coming days.
As for recognizing a phishy site, they don't even have to remember the entire 8 characters after silkroad. Memorizing 5piz3 is enough, since the probability of finding a private key that hashes to silkroad*5piz3* is extremely small. It would take ages to search the key space for a private key that hashes to a domain name containing those two strings. Looking for 5piz3 after silkroad will block 99.99% of all phishing attempts.
-
I know it is stupid but this scam got me. I was drunk and without thinking entered my pin. I really wish I was smart enough to check out this forum earlier. The prick stole $280 with of BTC. I changed my password and pin now but the money is gone.
I guess there is nothing I can do to get my money back...? Guess I deserve it for being idiotic and lazy. Lesson learned.
The primary lesson to be taken away from here is: don't compute while tired, drunk or stoned. If you're not at the top of your game, you'll eventually make a mistake -- leading to either loss of funds (bad) or loss of freedom (worse).
NC
-
I popped off over Christmas (not in that way) so I didn't notice the SilkWiki phise thing. Wikipedia was also attacked. Not to mention Hidden Wiki. Don't ever give your PIN. Don't ever give your PIN. Don't EVER give your PIN. Unless of course you need to, but it certainly won't be when you log in. I remember I was at BMR once and the URL didn't match the one right below it so I peed off out of there and came back the right way.
Load up http://silkroadvb5piz3r.onion and bookmark. Also, best to type these URLs down in case you need to download a new Tor update, as your old bookmarks will be on the old version. You need to start again.
If you are still stuck, ask a young teacher at school, they're probably vendors lol. ;)