Silk Road forums
Discussion => Security => Topic started by: envious on June 19, 2011, 01:29 am
-
Someone has created a clone of the login page and changed the link on the hidden wiki to the clone in an attempt to harvest usernames and passwords for SR. For now it has been edited back to normal. DO NOT FOLLOW THE HIDDEN WIKI TO GET HERE FROM NOW ON. Bookmark it, save it in a text file, do whatever else you must do but do not come from the hidden wiki unless you want your bitcoins stolen as I'm sure the scammers will edit it back to the scam eventually. If you have recently come here from the hidden wiki link change your password immediately. Also those of you who are complaining about javascript on the login page you probably went to this site because they have javascript in the code. Regular SR login does not have javascript. Hopefully we caught this early enough before anyone got screwed but I doubt it.
SCAM URL: http://z5y7mpc4n4bcqsim.onion/ DO NOT LOGIN HERE!
-
He/She is constantly changing the URL.
-
I suggest everyone keep an eye on the version history page of THW's main page and try to undo any attempts at replacing the legitimate links with malicious ones. Someone should contact the admin and ask to have the front page semi-protected or account only if this become a further issue.
-
I suggest everyone keep an eye on the version history page of THW's main page and try to undo any attempts at replacing the legitimate links with malicious ones. Someone should contact the admin and ask to have the front page semi-protected or account only if this become a further issue.
Already done.
-
I am keeping an eye on the page.
-
Thanks for the heads up envious will definitely be on the look out for these dang prick scammers
-
Glad I keep track of all my own links, wiki's can be dangerous like that.
-
Good eye thanks for the tip. Phishing knows no boundary...
-
A good practice would be to store the addresses in a text file.
But if you need to access it from outside home where you need to get it from an outside source, try to memorize a random part of the address.
SR address is ianxz6zefk72ulzz, don't go for the easy pickings, like "starts with ian" or ends with "lzz", tools like shallot allows to brutte-force tor addresses to get similar ones. Aim for something more random, like it has 672 or zef or ze and ul or something else.
-
LOL tried to pull a fast one I see.
Sucks for those that use The Hidden Wiki to login. :(
-
What's all this about a hidden wiki?
-
Remember kids only use your bookmarked urls for Silk Road!!!
-
Got scammed, used hidden wiki link, down $250. Fuck me
-
This is endemic. I think we should ask Silk to add it to the Buyer / Seller Info
Anytime you go to hidden wiki, check for ian on the silk road link
http://ianxz6zefk72ulzz.onion
-
> Anytime you go to hidden wiki, check for ian on the silk road link
> http://ianxz6zefk72ulzz.onion
The more characters of the legitimate link you can remember (and check), the better -- as I think Kind Bud has mentioned elsewhere before. Utilities exist for generating "custom" hashes for hidden service sites, and generating one that begins with "ian" is nearly trivial. Making one that begins with "ian" and ends with "lzz" would be considerably more difficult.
*Never* rely on HW links. Especially when you're about to authenticate to the linked resource.
Roll your own shortcut instead. Put the address in a text file. Write it down if you need to -- nobody is likely to guess the meaning of "ian...lzz" on a scrap of paper. If some one asks, say you forget what that was for.
-
I keep all my Tor links as a text file on a usb key, safer and easier!
-
Good idea putting a warning on here. I almost fell for it when I lost my USB key that had the bookmark. Being a paranoid person saved me. THe address on the wiki just didnt look right so I made sure to confirm it. Sure enough it was BS.
-
LOL tried to pull a fast one I see.
Sucks for those that use The Hidden Wiki to login. :(
Yup. That is why I never use it.
Piece, Love, and Fuck Haters.
-
A good practice would be to store the addresses in a text file.
But if you need to access it from outside home where you need to get it from an outside source, try to memorize a random part of the address.
SR address is ianxz6zefk72ulzz, don't go for the easy pickings, like "starts with ian" or ends with "lzz", tools like shallot allows to brutte-force tor addresses to get similar ones. Aim for something more random, like it has 672 or zef or ze and ul or something else.
Holy shit!! When was backopy on Silk Road? :o
Remember kids only use your bookmarked urls for Silk Road!!!
This ^^ . I DO remember. 0:)
Piece, Love, and Fuck Necro-posting. ::)
-
That happens a lot. Never follow a link to Sr (especially on the hidden wikki). Just memorize it and type it in manually.
Good for not falling for it and being alert.