Quote from: eddiethegun on December 15, 2012, 06:54 pmQuote from: Asylum on December 15, 2012, 04:55 pmQuote from: eddiethegun on December 15, 2012, 04:30 pmQuote from: Asylum on December 15, 2012, 12:43 pmMy account has been hacked! The fucker didn't only steal coins that were laying there, he now tries to scam more!Don't believe anything he claims or messages and don't send him anything.I'm working on getting my SR account back with support. I don't know how to say how sorry I'm for that shit.Unless you start signing some of these statements with your GPG key I'd say your vendor account is DOA.Why should anyone believe you're not LEO taking over a pinched vendors account?-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1Good point. It's me.-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.12 (GNU/Linux)iQEcBAEBAgAGBQJQzKfwAAoJENzDRG0l6WV1bWoIAMa5XSsRL6nX8N/NxWY7K3FZg9z3ufaMITC0MBJb56/GwAYYyn8nhJ3tPfXDCw2Rp7CU2Bs3BvVO9QcN3THYX8K0S1K4YrW8MAJgbqSUYQ3BygYGDV4pVQXDb22ogZ8256el7HbD8mXrqP2w3CO7s7auyRNy8iG6vLBG9XeMdXIIklO0SGzmSoqqSv0PP6PEKVDjBeF/xB73OGe8nnqgV8j3WnQjFg12ZzDirriUwgM3Gumfx3kzk5dsPL11oRUb5ebOHTerFVtGh/kkNCjh2B2aoXVitYpW1Sef6wpVdi96f+6cZwQTroYy2TF1cxQ4wyabs0e6e4FFAboOwaPzI08==fJAq-----END PGP SIGNATURE----------BEGIN PGP PUBLIC KEY BLOCK-----Version: GnuPG v1.4.12 (GNU/Linux)mQENBE/q09IBCAD6egaCUeTWIejCLu1psvfomW0jSry0e2NrRCxeOjVhH84qKWSd0pwUm8Ty2rEggowWHLAvtxErKJhljRH1vI7QXUteJzwzIDPgBOOFq/PvaLVFL6ny7/xDEwBvtTMhg8K5Vzojmf7QiQeWvd8ntz0ZOIJ64YdU9NDvtWoiY/DgKJiKoqk5JUgYcCfuCHNq4qMHiV/icxpR4kk7KjPC8Rkm1ZHapKFZn63zArjQWDOOw2ui0cohNLxQwb7BuWZBnoZGm80xqRu+18+PSLVlnxiAQi0n0EAx06WytaqYMWyF2eGecEyCW7UcGupMNfL3tSN6aJ3BLSbqhzZHZ2C3k+shABEBAAG0G0FzeWx1bSA8YXN5bHVtQHRvcm1haWwub3JnPokBOAQTAQIAIgUCT+rT0gIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ3MNEbSXpZXXsiwgAsF775Fwdy/TqBpf8KAYiRGyrbKCF/I+MZzHnhzsCBZTGSpRT7kO6f1vSp32J5rxtxS/TRe2iY8KoXEhgGMZrX9jWJr45E1raCqjkquxCUgu1yj2uCHwcvObOJkT3oliP8M0kehvh3zyePZrAgrZ4wskdvCJaxPSZ9lnA713MeyqR1nunVw1cmLshMDH6p9VXNzJsGm6ZQ03YEiGbHbmaTaYRj3FpzJqYzIT8GXRlTOJcIqX01RzN0C7QqthgaPc6fYjQ5/sKu0a/5ivNJnWcv9pNUozsgqZAuJqqr3xaYcmpRhs/M1obNbf+sGp0/W0kiGpIbnEvJhfh4QOc+UvVP7kBDQRP6tPSAQgAsa6wyx7euLkCok035HVSmIxqW3jS9ehN7w6bl9BH1KVs3xidFWtvZr8mRF6ghjLDuv5bWYz/k29sfHRQF2xXTC+Ib7dDLcxbXh5o/Vh+HEvB8DAWvGDjdEQHqZUcUhhFFI3lrjvGm9I5lFFruIMpvM49IyzF4vS0VzfQdOMxn587eZgBeJ0L00yGrhz2IdbHEp6kJ6KYsykI/9h2rMIa1WtoYS0vFvEWkZHIpuw/AMB2+kID+fuF7wqXGIGGxrzLLq5CAv2hpSVaEkhrov7GUHreeqxj9p0gD2m0jx4UbZzwtbWSeDad2Bygaq5sNd1cpQprL7KvlzU+4ORyMj9XYwARAQABiQEfBBgBAgAJBQJP6tPSAhsMAAoJENzDRG0l6WV1qLAIAKZ6GtxhEw6niPLMQI2c3yV3Pusk7Pk2ZGpc4zcND9iSj6+JkaZsuNqoksG0AwjJH4sn6XNMMos4q6Q6LxsHyneq5OW/4vBl+NIwBwg5bqr3xuG2SPtcwt36Gkk4EUawe2/IB73V8GLUcTrMUtbXEIF2VA6R9TNd4D01IPJJkpby10qapZ2GxuF68HMpd6Aijt7uVBgzXj7fEL2o2k+e8EfmBwXTYsaPZpAlwo/YpHWIxdFwFlA5MeQc2w9ssz02KNb2gdq0FSWGyPCncL3KJ28MPTRdQSQXzC2kQxocp4KBzXG2XjPrD2kR/WXq8bDW5Yvs9joJulyfp/WnFOeRAl0==ZMiZ-----END PGP PUBLIC KEY BLOCK-----Same public key as posted on your vendor profile and the signature is valid. Ok I'm satisfied.Sorry nothing personal, just helps to be skeptical around here.I see the hacker posted a plea for donations on your profile and according to blockchain.info:http://blockchain.info/address/1CfhQC2sDofgDBrBsY2G1JwUT5NEwV1dCvthe cocksucker already got $500 in donations.Has to be a targeted attack asylum, if he got both your password AND your PIN. I'd be seriously auditing whatever computer your using right about now.That's why it's important to publish your PGP key as widely as possible; if you publish it only on your vendor page, then an attacker could replace the PGP there with one of his own. Now, while some of your previous customers _may_ notice the change in PGP keys, many likely will not. One point that needs to be stressed here is that anything used for verification has to be taken from one or more channel(s) over which the attacker presumably has no control. If the key was posted in the thread established for this here in the Forum, then both the Forum as well as the vendor account would need to be compromised to successfully substitute a PGP key of the attacker's own choosing -- this makes an attacker's job considerably harder. The fly in the ointment here is that anyone wanting to check the vendor's bona-fides, has to be aware of this possibility -- most people, seeing a key on the vendor's page, will simply assume that it is correct, even after the page has been compromised -- that is a dangerous, even fatal, assumption to make. NC