Silk Road forums

Discussion => Silk Road discussion => Topic started by: Dread Pirate Roberts on December 19, 2012, 06:27 am

Title: image hack on SR
Post by: Dread Pirate Roberts on December 19, 2012, 06:27 am
UPDATE:  The issue has been resolved.  The hole that led to the hacker gaining access to other vendors' images and postage options has been plugged.  I've sent a message to all vendors asking them to update their images and postage options if their listings were affected, so hopefully the listings will be back to normal soon.  I've turned off incognito mode on all accounts, so if you were using incognito browsing before, you'll need to re-enable it on your settings page.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey gang,

I'm aware of the image hack that has taken place and am working with my team to fix the issue.  Whoever was able to pull it off was is very skilled and clever.  Hopefully no one has fallen for it and sent money to any of these mystery addresses in the images.  So far as I can tell, the effect of the hack was limited to item images and no sensitive information has been leaked.

I have switched the default view for all accounts to "incognito" so images won't show up.  Also, it is looking like we will most likely lose the defaced images, so those will need to be re-uploaded.

I'm terribly sorry for the trouble this is causing, and we will get it cleaned up asap.

- -DPR

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

-----END PGP SIGNATURE-----
Title: Re: image hack on SR
Post by: pPharm on December 19, 2012, 06:29 am
Thanks for the update DPR
Title: Re: image hack on SR
Post by: blackend646 on December 19, 2012, 06:30 am
That's a relief, thanks for the update
Title: Re: image hack on SR
Post by: T5 on December 19, 2012, 06:34 am
As long as it is fixed you're the man!

Also, would you think the hacker is the one responsible for the weird shipping option bug? They take out shipping options, then hope the customer will be using the hack address as it is now the only way to "pay" for their item?

Title: Re: image hack on SR
Post by: Funbagz on December 19, 2012, 06:35 am
fourth
Title: Re: image hack on SR
Post by: Funbagz on December 19, 2012, 06:38 am
Thank you for the update. We were all patiently waiting.

..... for the most part
Title: Re: image hack on SR
Post by: blackend646 on December 19, 2012, 06:39 am
Can you comment on the recent disappearance of the moderators? With that, the image hack and this stuff I keep hearing about an impending LE attack at the end of this year things have been getting very unsettling.
Title: Re: image hack on SR
Post by: polygamuz on December 19, 2012, 06:40 am
Hi DPR. Please address the shipping bug. Thank you.
Title: Re: image hack on SR
Post by: iaskquestion on December 19, 2012, 06:41 am
is the pgp signature legitimate?

I don't know how to check
Title: Re: image hack on SR
Post by: avast on December 19, 2012, 06:46 am
Although we all appreciate the quick response, all of the circumstances recently have been quite unsettling. I understand it is important for someone in your position to be as vague as possible about these sorts of things but is there any way to provide a little more information on these events?  Anything would be greatly appreciated.
Title: Re: image hack on SR
Post by: Shroomeister on December 19, 2012, 06:48 am
Yes. Will the shipping issues be addressed with the also?
Title: Re: image hack on SR
Post by: cousin frank on December 19, 2012, 06:49 am
is the pgp signature legitimate?

I don't know how to check

Checks out fine here :)

$ cat i |gpg --verify
gpg: Signature made Wed 19 Dec 2012 01:26:06 AM EST using RSA key ID 67B7FA25
gpg: Good signature from "Silk Road <staff@silkroadmarket.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 07E2 9C07 DC63 7C8D 1891  2CA7 0222 423B 67B7 FA25
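
The `gpg --verify` output above reports a good signature but also warns that the key is uncertified, so the result only means something once the fingerprint is compared with one obtained through a separate channel. The added example below (not part of the original thread) makes that comparison on gpg's `--status-fd` lines; the function names and the sample status lines are constructed for illustration, and the fingerprint is the one printed in the output above.

```bash
#!/usr/bin/env bash
# Added example, not from the thread: accept a signed post only when gpg's
# machine-readable status shows a valid signature from one pinned key.

# Fingerprint as printed in the gpg output above, spaces removed. Whether it
# is the right key to pin has to be established through a separate channel.
PINNED_FPR="07E29C07DC637C8D18912CA70222423B67B7FA25"

# check_status PINNED_FPR
# Reads `gpg --status-fd 1 --verify` output on stdin. Returns 0 only if a
# good signature is reported, nothing bad/expired/revoked is reported, and a
# VALIDSIG line names the pinned primary-key fingerprint.
check_status() {
    local pinned good=0 match=0 line fpr
    # Normalise the pin: drop spaces, upper-case the hex digits.
    pinned=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    while IFS= read -r line; do
        # Only status lines count; the human-readable "gpg: ..." text is
        # localised and not meant for parsing.
        case "$line" in
            "[GNUPG:] "*) line=${line#"[GNUPG:] "} ;;
            *) continue ;;
        esac
        case "$line" in
            BADSIG\ *|ERRSIG\ *|EXPSIG\ *|EXPKEYSIG\ *|REVKEYSIG\ *)
                return 1 ;;
            GOODSIG\ *)
                # Carries key ID and user ID. The user ID is free text that
                # anyone can put on a key, so it is never compared here.
                good=1 ;;
            VALIDSIG\ *)
                # The last field is the primary key's fingerprint, even when
                # a subkey made the signature.
                fpr=${line##* }
                if [ "$fpr" = "$pinned" ]; then match=1; fi ;;
        esac
    done
    [ "$good" -eq 1 ] && [ "$match" -eq 1 ]
}

# verify_post FILE [PINNED_FPR] -- run gpg on a clearsigned file and apply the check.
verify_post() {
    gpg --batch --status-fd 1 --verify "$1" 2>/dev/null \
        | check_status "${2:-$PINNED_FPR}"
}

# --- Constructed status output, for illustration only -----------------------
# Good signature from the pinned key. TRUST_UNDEFINED is the status-line form
# of the "not certified with a trusted signature" warning.
SAMPLE_GOOD='[GNUPG:] GOODSIG 0222423B67B7FA25 Silk Road <staff@silkroadmarket.org>
[GNUPG:] VALIDSIG 07E29C07DC637C8D18912CA70222423B67B7FA25 2012-12-19 1355898366 0 4 0 1 2 01 07E29C07DC637C8D18912CA70222423B67B7FA25
[GNUPG:] TRUST_UNDEFINED'

# Cryptographically good signature, same user ID, but made by a different
# (made-up) key: gpg alone would still print "Good signature".
SAMPLE_OTHER_KEY='[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Silk Road <staff@silkroadmarket.org>
[GNUPG:] VALIDSIG AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 2012-12-19 1355898366 0 4 0 1 2 01 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
[GNUPG:] TRUST_UNDEFINED'

# Message altered after signing.
SAMPLE_BAD='[GNUPG:] BADSIG 0222423B67B7FA25 Silk Road <staff@silkroadmarket.org>'
```

To check a saved post, pass `verify_post` a file (name of your choosing) holding everything from the `BEGIN PGP SIGNED MESSAGE` line through the `END PGP SIGNATURE` line; it returns 0 only for a valid signature by the pinned key.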
Title: Re: image hack on SR
Post by: iaskquestion on December 19, 2012, 06:53 am
Hi DPR. Please address the shipping bug. Thank you.
this please.
Title: Re: image hack on SR
Post by: ENBOOM on December 19, 2012, 06:54 am
http://silkroadvb5piz3r.onion/silkroad/user/923820dcc5

is his profile for his public key. (I suggest you add it)  All checks out.
Title: Re: image hack on SR
Post by: idiotkid on December 19, 2012, 06:56 am
Who cares about the images - no one's that stupid. The postage thing is stopping us buying anything.
Title: Re: image hack on SR
Post by: Dread Pirate Roberts on December 19, 2012, 06:59 am
Yes. Will the shipping issues be addressed with the also?

Yes, these are most likely related and we'll be figuring out that as well asap.
Title: Re: image hack on SR
Post by: NorthWestDirect on December 19, 2012, 07:01 am
subscribed
Title: Re: image hack on SR
Post by: CrazyBart on December 19, 2012, 07:06 am
Hope your team can figure it out asap! Hopefully no first timers fell for it either. Thanks for the update captain!
Title: Re: image hack on SR
Post by: Razorspyne on December 19, 2012, 07:07 am
Notice how you're less likely to order something without the pictures even if you know what it is? Who would benefit the most from a hack like this? Think about it. The hack is not exactly genius, but it's outside the square, I'll concede that.
Title: Re: image hack on SR
Post by: AshMcKnight on December 19, 2012, 07:16 am
Subscribed.

Want to know when that shipping issue is resolved. Don't think I can handle my family over Xmas without a weed buffer  ;)
Title: Re: image hack on SR
Post by: DivineMomentsofTruth on December 19, 2012, 07:17 am
Did anyone else notice the camel is gone from the upper left corner of all SR pages?  Happened about 30 minutes ago I believe....
Title: Re: image hack on SR
Post by: PrincessHIGH on December 19, 2012, 07:19 am
Thanks for your update DPR, all the best to you and your team to resolve image hack and shipping issues quickly and safely, godspeed :)
Title: Re: image hack on SR
Post by: iaskquestion on December 19, 2012, 07:19 am
Did anyone else notice the camel is gone from the upper left corner of all SR pages?  Happened about 30 minutes ago I believe....
Did anyone else not read the OP?
Title: Re: image hack on SR
Post by: astor on December 19, 2012, 07:19 am
Yes, that's what stealth mode does.
Title: Re: image hack on SR
Post by: DemiPsyWave on December 19, 2012, 07:20 am
As an introductory post, I just wanted to express how impressed I am by the foundation that has been laid in order to keep the members of this community as anonymous as possible. I was quite excited as I learned more and more, lurking through the forums, about the standards that have been set. Also, I like drugs.

That being said, perhaps a link to this announcement on the main site in the "news" section would help a broader range of SRers through this confusing dilemma. Just a suggestion.

Keep up the awesome work! btw, i like drugs.
Title: Re: image hack on SR
Post by: h1n1z2 on December 19, 2012, 07:23 am
subbed
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 07:28 am
DPR

We have great respect for what you have created but your site has been compromised, your top 10 Vendors of which I am one are under attack and all you've done is switch to incognito mode?

It's not just an image hack there is also no way to add a postage amount to a listing so there's at least 2 frames of the site compromised.

We are going to have to delete every affected listing and create multiple listings with separate postage options built into the title and price and have no pictures.

This will create a massive amount of extra work for me in the New Year when I will have maybe 20-25 extra listings to create because of this.

Lastly if you haven't found a solution you could at least let your vendors and customers know whether you know how they did it and whether you've stopped it from happening to new listings.

I honestly think the site should be taken down. You've been hacked, really hacked for the first time ever and I'm sorry but you just don't seem concerned enough for me.

Apart from Leo closing you down this is as bad as things can get.

As I've said I have great respect for you but I'm one of your top sellers and keeping the site live whilst compromised is fucking madness bro.

KS & CZ

The boys at the ChillZon3

Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 07:34 am
You can make postage options they just have to be one word.

like  FirstClass or Express etc

Thanks for that info mate, will save me a lot of work.

Still stick to what I said before though. Site should be taken down until it's 100% clean and secure.
Title: Re: image hack on SR
Post by: NorthWestDirect on December 19, 2012, 07:39 am
Coins safe or not... The site should be down right now... while the issues at hand are resolved...

 why wouldn't this be done instead of making the site look even more compromised freaking out everybody who does not understand what the fuck is going on...

I would not represent the site in its current state...
Title: Re: image hack on SR
Post by: DivineMomentsofTruth on December 19, 2012, 07:40 am
Did anyone else notice the camel is gone from the upper left corner of all SR pages?  Happened about 30 minutes ago I believe....
Did anyone else not read the OP?

hahaha good one, wow...yes I am so stoned that by the time I had read all the first page and made it here to the second page (in the mean time clicking on other tabs linked to SR main site) I had forgot that DPR mentioned they removed the images....thanks iaskquestions...I think I'll put the bong down for the night  ::)
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 07:43 am
Dude nothing is ever 100% secure, shit happens, the coins are safe!

Hey man it's just my opinion, everyone is entitled to one.

I would have thought particularly a top 8% vendor no?

KS
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 07:44 am
Coins safe or not... The site should be down right now... while the issues at hand are resolved...

 why wouldn't this be done instead of making the site look even more compromised freaking out everybody who does not understand what the fuck is going on...

I would not represent the site in its current state...

Couldn't agree more bro
Title: Re: image hack on SR
Post by: iaskquestion on December 19, 2012, 07:47 am
agreed. shut the site down ffs.
Title: Re: image hack on SR
Post by: hoobydoobydoo on December 19, 2012, 07:50 am
It seems like they have no idea how they are being hacked.  Maybe they are leaving the site up hoping to figure it out by watching it happen versus taking it down and looking at each other saying WTF.

Based on how OR works I originally assumed this had to be some sort of SQL injection attack but you'd think that would be very obvious in the DB logs so I don't know what gives now that they are looking at it and still don't know.  Malware on the image server itself?   But that wouldn't explain all the shipping issues....
Title: Re: image hack on SR
Post by: spd on December 19, 2012, 07:54 am
I'm honestly surprised the site is still up - I assumed it would be taken down ASAP once DPR was able to - seems like there's multiple vulnerabilities right now, and they're not 100% sure how to fix it.  I'd like to be able to order (and I guess I can), but feel like it's a bit of a gamble sending BTC right now.  Guess we gotta just wait and see what happens
Title: Re: image hack on SR
Post by: BlueGiraffe on December 19, 2012, 07:56 am
Thanks DPR,

Regarding the shipping options, while these can be corrected, they are still being re-deleted every couple of hours. And the changing images are still happening currently - not just an event in the past. Just so you have that feedback...

I disagree that the site needs to come down, but perhaps an explanation on the front page would help. Explaining to newly logged-in people (most who don't come on the forums) why the images are missing, and also letting them know to message their vendor if the shipping options are missing - and explaining why this is so. Otherwise people will just be confused and that will be bad for SR's reputation.

BG
Title: Re: image hack on SR
Post by: Funbagz on December 19, 2012, 07:57 am
Well I like to make coins myself, and I'm still doing that...And I don't expose personal security so why take it down?

mining?
Title: Re: image hack on SR
Post by: NorthWestDirect on December 19, 2012, 07:59 am
BG,

That would definitely help.

NWD
Title: Re: image hack on SR
Post by: jerseycow on December 19, 2012, 08:02 am
Leave it up, we still need to work.

BTC withdrawals working fine btw.
Title: Re: image hack on SR
Post by: pPharm on December 19, 2012, 08:12 am
You can make postage options they just have to be one word.

like  FirstClass or Express etc

You can also load defaults if you have those setup.
Title: Re: image hack on SR
Post by: geeza23 on December 19, 2012, 08:13 am
thanks heaps for the confirmation DPR
Title: Re: image hack on SR
Post by: murderface2012 on December 19, 2012, 08:14 am
 :o

(subscribed)
Title: Re: image hack on SR
Post by: DivineMomentsofTruth on December 19, 2012, 08:16 am
Yes, thanks DPR

I'm going to bed...really hoping when I wake up that:
A)bugs fixed and road is up and running and B)the coins I have been waiting on are in my account so I can make few orders
Title: Re: image hack on SR
Post by: THUMBSuP. on December 19, 2012, 08:21 am
thanks DPR!
just a simple update like this keeps all of the retards at bay..
with their conspiracy theories and everyone sleeps better tonight.





cheers!
/thumbs
Title: Re: image hack on SR
Post by: BlueGiraffe on December 19, 2012, 08:45 am
Notice on front page of main site is crucial. Not just on the forums.
Title: Re: image hack on SR
Post by: camelherder on December 19, 2012, 08:49 am
The front page has been updated with a link to this post
Title: Re: image hack on SR
Post by: URmom on December 19, 2012, 08:59 am
Am a new user - first purchases were this week. 

Am trying to make another purchase thru a different vendor.  The vendor I want to buy from had one of those "express buy" images with a BTC address on it. 

We have exchanged messages re site errors and are looking at a 'half upfront, half on arrival' work-around.  Am likely okay with this based on his buyer feedback to date.

Reading this update on the error [now suspected hacked admin panel], I have some concern that the message system might also be compromised. 

Question:  Am I being a paranoid new user or is the site officially tainted (ie. don't trust it)?

Also, does anyone have a capture of the dodgy image?   Were they all the same BTC address?


Title: Re: image hack on SR
Post by: XTCandLSDHappyME on December 19, 2012, 09:01 am
Well I was hoping it would be sorted by the time I got up. ARGH! SCROOGES LIKE ME NEED THEIR XMAS ORDERS!! BAH HUMBUG!!!
Title: Re: image hack on SR
Post by: BlueGiraffe on December 19, 2012, 09:02 am
The front page has been updated with a link to this post

OK see that now - thanks!
Title: Re: image hack on SR
Post by: XTCandLSDHappyME on December 19, 2012, 09:06 am
Am a new user - first purchases were this week. 

Am trying to make another purchase thru a different vendor.  The vendor I want to buy from had one of those "express buy" images with a BTC address on it. 

We have exchanged messages re site errors and are looking at a 'half upfront, half on arrival' work-around.  Am likely okay with this based on his buyer feedback to date.

Reading this update on the error [now suspected hacked admin panel], I have some concern that the message system might also be compromised. 

Question:  Am I being a paranoid new user or is the site officially tainted (ie. don't trust it)?

Also, does anyone have a capture of the dodgy image?   Were they all the same BTC address?

The addresses were all different but it's very easy to open up lots of addresses quickly for free. I feel sorry for anybody if they have sent money to these addresses cos they will never be seeing their money again
Title: Re: image hack on SR
Post by: mikeben on December 19, 2012, 09:20 am
You all must know it's the guys overloading the system with their ads from China. BITCOINTALKS ARE THE HACKERS MAN!
Title: Re: image hack on SR
Post by: BearGrylls007 on December 19, 2012, 09:26 am
Thanks for the update. First time user here but I've lurked around for the last year or so. I thought the image thing must have been a new addition for repeat customers (like a 1-click buy option from amazon) or something. So, glad I didn't fall for that shit lol. Now, just to figure out a legit way of getting bitcoins...
Title: Re: image hack on SR
Post by: archeanoo on December 19, 2012, 09:28 am
Hopefully, it's likely the database holding image data is not the same as the db holding any sensitive site data (and that may be encrypted as well).  To reduce load and improve security for SR and its application, the databases may be on different servers/IPs - my guess is the attacker could have somehow found the image database server that posts images to the client and used a vulnerability with tor or some graphics library, etc.
Title: Re: image hack on SR
Post by: goangod on December 19, 2012, 09:29 am
i suspect the recent downtime and maintenance experienced a few weeks back has in some way got something to do with this security breach
bit worrying i must say,numero uno is obviously personal info being ripped from the site.......just noticed vendors shutting up shop due to the breach........not good
Title: Re: image hack on SR
Post by: iaskquestion on December 19, 2012, 09:34 am
I just got this message:

Vendor Support    Dear xxxxxxxxxx,

This is an automated message to all sellers at Silk Road :

Many of your listings were recently altered without your consent. Postage options were deleted, and images were changed. We've corrected the problem that allowed this to happen, but we cannot restore your listings to their former state. Please take a look at your current listings and be sure to add back in any missing postage options, and update any altered images.

Best regards,
Silk Road Vendor Support    5 minutes    read
delete
Title: Re: image hack on SR
Post by: lilacstar on December 19, 2012, 09:38 am
Thanks DPR for addressing this. I hope that the postage options get fixed soon though so people can make orders.
Title: Re: image hack on SR
Post by: T5 on December 19, 2012, 09:41 am
Got the message as well!
I'm actually pretty impressed by how fast this problem was solved.
Good job guys and thank you!  8)
Title: Re: image hack on SR
Post by: Dread Pirate Roberts on December 19, 2012, 09:42 am
OP updated
Title: Re: image hack on SR
Post by: ThePsych on December 19, 2012, 09:46 am
still seeing the hacked photos for the listings ...

The message said they couldn't undo it and to update any altered images.

The altered images will stay there until the vendors re-upload and sort it out manually now? Phew, logged in this morning and didn't think it had been fixed!
Title: Re: image hack on SR
Post by: yello53 on December 19, 2012, 09:55 am
Excellent work as usual, DPR. Thank you for providing this wonderful service.
Title: Re: image hack on SR
Post by: T5 on December 19, 2012, 10:24 am
Hmmm what's the problem here?

I'm trying to re-upload my pictures but it's telling me that the type of file isn't allowed!

Quote
UPLOAD:

The filetype you are attempting to upload is not allowed.

This is the same picture that was uploaded before.

EDIT: The file is .jpg

Thanks!
Title: Re: image hack on SR
Post by: Rocker on December 19, 2012, 10:28 am
I'm glad that the problem is fixed, however SR should do its due diligence and delete all affected images. It doesn't help much that the security breach has been fixed if images with the scam still exist on the site.

Rocker
Title: Re: image hack on SR
Post by: The Fly on December 19, 2012, 10:37 am
I just logged back in again, seems like the problem is still there. All images have been altered to show that "QuickBuy".... again.
This is making me uncomfortable to say the least, specially after DPR confirmed that the "hole was plugged"
Title: Re: image hack on SR
Post by: Empathy101 on December 19, 2012, 10:51 am
Glad it's fixed. Thanks.
Title: Re: image hack on SR
Post by: The Fly on December 19, 2012, 10:52 am
I just logged back in again, seems like the problem is still there. All images have been altered to show that "QuickBuy".... again.
This is making me uncomfortable to say the least, specially after DPR confirmed that the "hole was plugged"
They have to be manually updated. They weren't hit again, just not repaired yet. Should be deleted.

Oh alright I see, it's just that they were gone then blank images then this so I thought..
anyway, thanks for the info!
Title: Re: image hack on SR
Post by: The ILF on December 19, 2012, 11:01 am
Just a tip, when editing the formerly-defaced listings, we had to re-add our postage before we could re-upload our images.  If we tried to fix the image first, we got a blank white screen and nothing would change.

But we're back in business!  Christmas Cheers to DPR and team ... Yeah!!!
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 11:20 am
We're back in business too but the problems are not completely sorted, not for me anyway.

I can only add postage options if there's no space between the words. If I put spaces between the words I get a red error box come up just like yesterday's hack!

BTW this started last Saturday so they were in since at least then unless of course there just happens to be a bug that has developed which just by chance looks exactly the same as the hack?

KS
Title: Re: image hack on SR
Post by: utf-8 on December 19, 2012, 12:00 pm
While I'm extremely happy and thankful that this issue has been resolved, I'm sure you're not surprised to hear that this has struck fear into a fair few SR members. We all trust the security of the site but the fact that it has been compromised to this degree is a little alarming.
 
Title: Re: image hack on SR
Post by: le_blua on December 19, 2012, 12:09 pm
What about temporarily set in css height of image - for few pixels??? at least
Title: Re: image hack on SR
Post by: idiotkid on December 19, 2012, 12:18 pm
Why are you all saying the problem is fixed? It's not. Half the images have the hacked shit on them. And basically all of my regular vendors still have no postage options. It's getting ridiculous. And has long since crossed the line into unprofessional and disconcerting.
Title: Re: image hack on SR
Post by: AshMcKnight on December 19, 2012, 12:27 pm
Why are you all saying the problem is fixed? It's not. Half the images have the hacked shit on them. And basically all of my regular vendors still have no postage options. It's getting ridiculous. And has long since crossed the line into unprofessional and disconcerting.

Agreed! My fave 3 vendors still showing no posting options. Not happy Jan!
Title: Re: image hack on SR
Post by: MR.X on December 19, 2012, 12:28 pm
Thanks DPR

This message update will calm down the tards :)
Title: Re: image hack on SR
Post by: AshMcKnight on December 19, 2012, 12:34 pm
Some vendors still showing no shipping option, still being asked to log out and back in again when completing an order. Kinda getting over this.
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 01:11 pm
Some vendors still showing no shipping option, still being asked to log out and back in again when completing an order. Kinda getting over this.

Yeah well I have been trying to tell people all morning since DPR's 'its fixed' update that it's not fixed at all and the hackers have been on the site since last Saturday which is when postage option problems started for us but nobody seems to be listening.

Try adding a postage option to a new listing, you can only do it if you leave no spaces between the words. If you put any spaces in the hackers red box comes up.

Fuck it there's only 3 Special Delivery posting days left anyway and we're going on Vacation until the 5th Jan. Hopefully that by then they'll have their house in order.

KS
Title: Re: image hack on SR
Post by: OSCAR2013 on December 19, 2012, 01:22 pm
I just got done a nice 92 bitcoins because of the SR quick buy crap!!
why wasn't there a warning sign splash across the pages of SR as soon as someone logs on to SR.??. A simple warning would have saved me and a few others  a shit load of $.
SR should have been all over this kind of crap! I even sent a message to my vendor asking if his page or SR has been compromised because the shipping was disabled  and the answer was a numb "0".  The Quick buy crap is still up on most of the pages!!
I would like to know how I'm going to get the bitcoins back since SR is so secured and everything is so dandy.
How can someone hack such a secured site and is able to scam SR's users of their hard earned cash and nothing was done about it ??
I deserve to be re-imbursed..
S
Title: Re: image hack on SR
Post by: idiotkid on December 19, 2012, 01:45 pm
I just got done a nice 92 bitcoins because of the SR quick buy crap!!
why wasn't there a warning sign splash across the pages of SR as soon as someone logs on to SR.??. A simple warning would have saved me and a few others  a shit load of $.
SR should have been all over this kind of crap! I even sent a message to my vendor asking if his page or SR has been compromised because the shipping was disabled  and the answer was a numb "0".  The Quick buy crap is still up on most of the pages!!
I would like to know how I'm going to get the bitcoins back since SR is so secured and everything is so dandy.
How can someone hack such a secured site and is able to scam SR's users of their hard earned cash and nothing was done about it ??
I deserve to be re-imbursed..
S

You lying fuck. No way did you send $1300 to a random bitcoin address. You scamming fuck.

And if you DID, you deserved it.
Title: Re: image hack on SR
Post by: mrlichy on December 19, 2012, 01:56 pm
While I'm extremely happy and thankful that this issue has been resolved, I'm sure you're not surprised to hear that this has struck fear into a fair few SR members. We all trust the security of the site but the fact that it has been compromised to this degree is a little alarming.

On the other hand I personally find it rather comforting that at least the issue has been made public instead of trying to pull wool over the eyes of public like some (mostly commercial) service providers in clearnet side of things tend to do. What's known can be avoided, but what you don't know you can't avoid either.
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 02:00 pm
I just got done a nice 92 bitcoins because of the SR quick buy crap!!
why wasn't there a warning sign splash across the pages of SR as soon as someone logs on to SR.??. A simple warning would have saved me and a few others  a shit load of $.
SR should have been all over this kind of crap! I even sent a message to my vendor asking if his page or SR has been compromised because the shipping was disabled  and the answer was a numb "0".  The Quick buy crap is still up on most of the pages!!
I would like to know how I'm going to get the bitcoins back since SR is so secured and everything is so dandy.
How can someone hack such a secured site and is able to scam SR's users of their hard earned cash and nothing was done about it ??
I deserve to be re-imbursed..
S

Dude I don't know what to say, we are going to make a post and start a fund to try and get you your money back. I am going to post up a Bitcoin address for people to send donations to. We will start by donating the first 2 Bitcoins. Let's get some xmas spirit going and get this guy his 92 Bitcoins back from these thieving motherfuckers.

Anybody who thinks we're doing this to try and scam coins please check our profile. 92 coins isn't even a days profit for us. We're doing this because Silk Road won't reimburse, it's the slack vendors' fault for leaving infected listings up.

I'll sync up my armoury and start a donations wallet which I'll take photos of and post up so people can see how well we're doing getting to 92 coins

Truly sorry for your loss and hope we can help you get your money back.

KS
Title: Re: image hack on SR
Post by: Krime Pays on December 19, 2012, 02:03 pm
Thanks SR you are my hero. I knew it would be fixed in no time. SR rocks!
Title: Re: image hack on SR
Post by: QwertAnon on December 19, 2012, 02:24 pm
Thanks for the fast fix.
Hope you check the code for similar vulnerabilities.
And I hope no one falls for chillzon3 and oscar2013 lol.

<conspiracy>
maybe the picture scam was just a distraction once they infiltrated the whole page
</conspiracy>
Title: Re: image hack on SR
Post by: Krime Pays on December 19, 2012, 02:31 pm
Everything is normal today. Thanks DPR
Title: Re: image hack on SR
Post by: PartTimeFiend on December 19, 2012, 02:33 pm
I agree, some kind of notice on the SR homepage might have saved some people from getting mugged by this scam.  The Welcome page is where we all arrive on the site, so that might've been the best place to announce the issue to vendors and buyers alike.   I suppose the DPR and co. didn't want to alarm people....?

I like idiotkid's comment 'you scamming fuck'.  Agree, it's hard to believe anyone would send 92 btc to a random wallet, but I've no doubt that inexperienced users have lost some coins to the Quickbuy scam.

Well, my xmas/new year orders have been placed and are all marked in transit. My only worry now is any delays caused by the xmas post backlog! 

Merry Christmas to all of yous

PTF
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 02:35 pm
Thanks for the fast fix.
Hope you check the code for similar vulnerabilities.
And I hope no one falls for chillzon3 and oscar2013 lol.

<conspiracy>
maybe the picture scam was just a distraction once they infiltrated the whole page
</conspiracy>

Cool if that's gonna be people's attitude calling me a scammer and making it look like we're working together I won't do it.

All I can say is this. If Oscar is telling the truth and has lost that money I truly was going to collect tiny amounts from lots of people to help someone over xmas.

You might be some poor skank that 92 BTC means something to but I'm not.

I hope you have a miserable xmas and the worst new year of your life.

Karma would have sorted Oscar but I'll not have my honesty questioned when I'm trying to help someone.

Cheers,

KS
Title: Re: image hack on SR
Post by: Chillzon3 on December 19, 2012, 02:38 pm
Thanks for the fast fix.
Hope you check the code for similar vulnerabilities.
And I hope no one falls for chillzon3 and oscar2013 lol.

<conspiracy>
maybe the picture scam was just a distraction once they infiltrated the whole page
</conspiracy>

On top of that you actually believe the problem is fixed so you're as dumb as much as you are a cunt.

KS
Title: Re: image hack on SR
Post by: Razorspyne on December 19, 2012, 02:40 pm
Did anyone else notice the camel is gone from the upper left corner of all SR pages?  Happened about 30 minutes ago I believe....

Yes it was removed about 9 hours ago. Camel is removed as well as the pics as the logo is well-known now, and will be easily recognised by third party in public browsing. I'm sure you already know this though.... ???
Title: Re: image hack on SR
Post by: Pacman85 on December 19, 2012, 02:45 pm
How can I check if I fell to the hack? Escrow limits the damage? I have not been finalized yet (it's still in processing for over 24h and vendor doesn't reply on PM)
Title: Re: image hack on SR
Post by: PartTimeFiend on December 19, 2012, 02:53 pm
How can I check if I fell to the hack? Escrow limits the damage? I have not been finalized yet (it's still in processing for over 24h and vendor doesn't reply on PM)

If you've made a purchase via the normal method then no worries.  It's not unusual for a placed order to say 'processing' for +24 hours, or for a vendor to take a while to reply to you.  Some vendors are very busy and have loads of messages and orders to handle.  Is it a top 5% vendor?  Some of these guys are handling hundreds of orders p/week, so you'll just need to be patient.  I know how you feel though....  just want to see it switch to 'in transit' so you know it's on its way.

As long as you didn't transfer coins to one of those QuickBuy addresses you should be fine.

cheers,

PTF
Title: Re: image hack on SR
Post by: Pacman85 on December 19, 2012, 03:07 pm
If you've made a purchase via the normal method then no worries.  It's not unusual for a placed order to say 'processing' for +24 hours, or for a vendor to take a while to reply to you.  Some vendors are very busy and have loads of messages and orders to handle.  Is it a top 5% vendor?  Some of these guys are handling hundreds of orders p/week, so you'll just need to be patient.  I know how you feel though....  just want to see it switch to 'in transit' so you know it's on its way.

As long as you didn't transfer coins to one of those QuickBuy addresses you should be fine.

cheers,

PTF

Thank you for the fast reply! He's in the top 13%. I am wondering that he had enough time to update his listings, reupload images and Infotext in SR-Profile. After Christmas I'll cancel it if it's still in processing. There was no note for holiday-break.
It was the first order, so I am a little nervous about the hack and his slow response time. (sorry for that and my bad english).

The hope dies last...
Title: Re: image hack on SR
Post by: Razorspyne on December 19, 2012, 03:09 pm
Thanks for the fast fix.
Hope you check the code for similar vulnerabilities.
And I hope no one falls for chillzon3 and oscar2013 lol.

<conspiracy>
maybe the picture scam was just a distraction once they infiltrated the whole page
</conspiracy>

Cool if that's gonna be people's attitude calling me a scammer and making it look like we're working together I won't do it.

All I can say is this. If Oscar is telling the truth and has lost that money I truly was going to collect tiny amounts from lots of people to help someone over xmas.

You might be some poor skank that 92 BTC means something to but I'm not.

I hope you have a miserable xmas and the worst new year of your life.

Karma would have sorted Oscar but I'll not have my honesty questioned when I'm trying to help someone.

Cheers,

KS

You tried...... +1
Title: Re: image hack on SR
Post by: Faolin on December 19, 2012, 03:46 pm
Well as of 30 minutes ago, I'm now out 3 BTC. It's a minor annoyance more than anything I just feel that there should have been a link to this forum posted on the front page (there's not). I tried multiple times to buy the item through shipping and all but was unable to. The pictures are still all over the site and I think some vendors haven't logged on yet. So the tainted images will sit there until said vendor logs on and takes action. Please just delete the affected pictures, I know I'm not the only one who's made the mistake of sending funds to the quickbuy. Some people may lose a serious amount of money.
Title: Re: image hack on SR
Post by: pinnu on December 19, 2012, 03:51 pm
I also think it's better to disable the pictures to avoid the situations where a new customer falls prey to this scam or whatever.
Title: Re: image hack on SR
Post by: pinnu on December 19, 2012, 03:54 pm
The request to the administrator - can you please confirm that there was no leakage of any sensitive data like orders/addresses?
Title: Re: image hack on SR
Post by: Tessellated on December 19, 2012, 04:06 pm
Turning off incognito was a bit of a shock. Thankfully I was not using it for its intended purpose at the time. I read that other people had the mode turned on for them, that makes more sense but it also seems you turned it off for people who had it on.
Title: Re: image hack on SR
Post by: Tessellated on December 19, 2012, 04:23 pm
...I even sent a message to my vendor asking if his page or SR has been compromised because the shipping was disabled  and the answer was a numb "0"...

I got a message from someone that had only the number "0" as the contents on Monday, the user said he has sent a message and not the number "0". Odd.
Title: Re: image hack on SR
Post by: Funbagz on December 19, 2012, 04:27 pm
The request to the administrator - can you please confirm that there was no leakage of any sensitive data like orders/addresses?

People this uninformed need not order on SR. I am not trying to be a dick, but you really need a better understanding of how this place works before you dive into it. RTFM! If you've been using PGP to encrypt personal data then there would not be any "sensitive data like orders/addresses" on the SR server anyway.
Title: Re: image hack on SR
Post by: Razorspyne on December 19, 2012, 04:58 pm
People this uninformed need not order on SR. I am not trying to be a dick, but you really need a better understanding of how this place works before you dive into it. RTFM! If you've been using PGP to encrypt personal data then there would not be any "sensitive data like orders/addresses" on the SR server anyway.

lol at this ^. Sh*t, typtap you reaaaaaaaaally pissed today. :( What up?
Title: Re: image hack on SR
Post by: remoulade on December 19, 2012, 05:26 pm
Everyone should be encrypting their addresses anyway, this way no one has to worry! Don't deal with anyone that doesn't have PGP.
Title: Re: image hack on SR
Post by: Mr. Oxy on December 19, 2012, 05:28 pm
This is still a problem. Fucking fix it already!

I have a listing I can't fucking delete Wtf?
Title: Re: image hack on SR
Post by: GlassHouse on December 19, 2012, 05:39 pm
We are working to update our pictures.  Last night we lost the postage listings again, but ONLY on the listings with pictures.  We created new listings without pictures and those postage options were still there this morning.  Our clients can use those listings (first four on our page) until we have new pictures up.  It does appear that the postage option issues are directly linked to posts with hacked pictures, and postings without pictures appear to be safe. 
Christmas is approaching, we are ready to get your order out quickly so you can enjoy the holidays. 
Thank you DPR for addressing this situation, please continue to keep us updated.
Title: Re: image hack on SR
Post by: Pacman85 on December 19, 2012, 05:53 pm
People this uninformed need not order on SR. I am not trying to be a dick, but you really need a better understanding of how this place works before you dive into it. RTFM! If you've been using PGP to encrypt personal data then there would not be any "sensitive data like orders/addresses" on the SR server anyway.

As a beginner, it is not easy to gather all the necessary information. I can understand your anger, but should all Tuts and FAQs be more accessible. Most information is hidden here in sub-forums (PGP).
Title: Re: image hack on SR
Post by: barmanon on December 19, 2012, 06:47 pm
Anyone complaining about having sent BTC to some of the quick-buy addresses... that's the kind of shit I'd keep to myself, you know what I mean? 

How did you think that would work, seriously?... I can't place an order regularly, so I'll just send the bitcoins to this address I can't even copy and paste and that is not reversible, and then I'll just send a message to the vendor for the goods? 

If anyone did get ripped off on this scam, they deserve it more than anyone who loses money finalizing early.

Okay, enough ripping on bozos around here, but I will add that the beginners complaining about lack of warning etc, need to read up.  I probably spent a month or two hanging around this site when I first joined, learning to use pgp, buy bitcoins, learning about vendors, etc.  If you think this is something you can just jump into, you're going to get exactly what's coming to you.

I suppose I'll also take this moment to say that everything seems to be working great on the site.  Got two orders placed yesterday, and even got an order in the mail today.  As always, thanks for everything DPR and the SR community.
Title: Re: image hack on SR
Post by: Spice on December 19, 2012, 07:46 pm
This site is really really safe.  I asked my friend about this who is a programmer.  He said nothing can really go wrong with a sites like this a little glitches here and there.  He also said that he was sure that DPR has people that are the best IT people that are 10 steps ahead of issues once discovered, and issues like this will be fixed forever.
Title: Re: image hack on SR
Post by: robust on December 19, 2012, 08:25 pm
bad execution on the hackers who did this

if this was a 2012 Mayan calendar zero day attack, they miscalculated
they could have gotten maximum panic mode if they waited 2 days

hahaha, what else you got
Title: Re: image hack on SR
Post by: black83 on December 19, 2012, 08:44 pm
just wanted to buy some stuff, why is nothing working
strange, can i trust it to buy some from vendors on silk road
Title: Re: image hack on SR
Post by: HOUSE on December 19, 2012, 09:01 pm
Is it possible for the IT gurus around here to trace who is behind this? Maybe through the btc address on the images?
Title: Re: image hack on SR
Post by: AshMcKnight on December 19, 2012, 09:20 pm
Is it just me or is the whole site down now? I keep getting a "server not responding" error when trying to load the main URL.
Title: Re: image hack on SR
Post by: gordy_o on December 19, 2012, 09:42 pm
For some reason, I still can't add:

Larghetto(96)    Durogesic Fentanyl 100µg *USA* Strongest - 16.8mg x2. It will not show the shipping options.
Any ideas how to fix that? I really need to get the order in today. I've tried everything I could think of.....help!
Title: Re: image hack on SR
Post by: Sevens on December 19, 2012, 10:01 pm
With the images thing, can anyone speak on the possibility of:

- People uploading code as images (.jpg with actual c# code inside)
- invalid extensions on the images
- People trying to do path-related attacks on you

What were the images that were uploaded and is it possible that they had some kind of malware "hidden" inside them?  Wish pine was here.
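
The three possibilities listed in the post above (code disguised as an image, invalid extensions, path tricks in the file name) each correspond to a standard server-side upload check. The sketch below is an added example, not part of the thread and not Silk Road's code or its actual fix, which the thread never describes; the function names, the size limit and the `/srv/uploads` root are assumptions.

```python
import os
import secrets

# Leading magic bytes of the only formats this example accepts.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # assumed size limit


class UploadRejected(ValueError):
    """Raised with a short reason when an upload fails a check."""


def sniff_type(data):
    """Return the image type implied by the leading bytes, or None."""
    for kind, prefixes in SIGNATURES.items():
        if data.startswith(prefixes):
            return kind
    return None


def validate_upload(client_name, data, upload_root):
    """Return a server-chosen storage path, or raise UploadRejected."""
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized")
    # Path tricks: the client-supplied name must be a bare file name.
    if any(c in client_name for c in ("/", "\\", "\x00")) or ".." in client_name:
        raise UploadRejected("path characters in name")
    # Invalid extensions: exactly one dot, extension taken from the allowlist.
    stem, dot, ext = client_name.rpartition(".")
    ext = {"jpeg": "jpg"}.get(ext.lower(), ext.lower())
    if not dot or not stem or "." in stem or ext not in SIGNATURES:
        raise UploadRejected("extension not allowed")
    # Code as image: the bytes must be the type the extension claims.
    if sniff_type(data) != ext:
        raise UploadRejected("content does not match extension")
    # The client name never reaches the filesystem; confirm containment anyway.
    root = os.path.realpath(upload_root)
    path = os.path.realpath(os.path.join(root, secrets.token_hex(16) + "." + ext))
    if os.path.commonpath([root, path]) != root:
        raise UploadRejected("path escapes upload root")
    return path


def verdict(client_name, data, upload_root="/srv/uploads"):
    """Return 'accepted' or the rejection reason for one upload."""
    try:
        validate_upload(client_name, data, upload_root)
        return "accepted"
    except UploadRejected as exc:
        return str(exc)


# Constructed samples, one per case raised in the post above.
JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 32
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
SOURCE = b"using System; class P { static void Main() {} }"
SAMPLES = [("item.jpg", JPEG), ("item.jpg", SOURCE), ("item.aspx", SOURCE),
           ("item.aspx.png", PNG), ("../../conf/item.png", PNG), ("item.png", JPEG)]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(f"{name!r:24} {verdict(name, data)}")
```

A matching signature only shows how a file begins; re-encoding accepted images with an image library and serving them from a location where nothing is executed covers files that carry extra data after a valid header.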
Title: Re: image hack on SR
Post by: PhilipJFry on December 19, 2012, 10:28 pm
For some reason, I still can't add:

Larghetto(96)    Durogesic Fentanyl 100µg *USA* Strongest - 16.8mg x2. It will not show the shipping options.
Any ideas how to fix that? I really need to get the order in today. I've tried everything I could think of.....help!

Message the vendor, tell him that the shipping options for this item are missing and ask him if he could add them.
Title: Re: image hack on SR
Post by: iaskquestion on December 19, 2012, 11:51 pm
With the images thing, can anyone speak on the possibility of:

- People uploading code as images (.jpg with actual c# code inside)
- invalid extensions on the images
- People trying to do path-related attacks on you

What were the images that were uploaded and is it possible that they had some kind of malware "hidden" inside them?  Wish pine was here.

i'm interested in this.
anyone?
Title: Re: image hack on SR
Post by: gordy_o on December 20, 2012, 12:35 am
I have to say there are still quite a few items that still have the hacked pic that will not allow you to select the shipping options:
I have been trying all kinds of machines, browsers, and anything else I can think of. It's fairly important that I can place an order this evening. Here is the link, maybe it can be repaired:  "  http://silkroadvb5piz3r.onion/silkroad/item/4004ddf7c2  "   I've always had a great relationship with this vendor. Is it possible to replace the image with a non infected/no picture???

I thought everything was fixed, guess not. Please see what you can do.

Thanks!
Title: Re: image hack on SR
Post by: GlassHouse on December 20, 2012, 01:38 am
We were able to replace our pictures with new ones and have been monitoring them today.  They have not changed and the postage options are still there.  Best guess is the vendor you are talking about just hasn't logged in yet today to correct the problem. 
Title: Re: image hack on SR
Post by: CalifornicationBuds on December 20, 2012, 01:51 am
If I were DPR, I'd delete chillzon3's vendor account. Show some goddamn gratitude. This man has given you a massive market in which to peddle your wares and you freak out over some shit like this. Earlier you said that this was the worst thing that could happen, short of LE busting it. Huh? No one lost any coins, you idiot. That would be far worse. And if you're not the OSCAR guy who is claiming to be scammed, then you're a fucking jackass for attempting to enable his scheme/idiocy. The bottom line is, if you're a seller on SR, you've got to trust DPR. He's done nothing to warrant a lack of confidence and safety has always been his number one concern. Chill the fuck out and stop being a dick.
Title: Re: image hack on SR
Post by: xxglxx on December 20, 2012, 01:55 am
Anyone getting this error upon checkout saying to log out and back in then try again?
Title: Re: image hack on SR
Post by: Joy on December 20, 2012, 02:46 am
I hope this didnt occur in the future.
Title: Re: image hack on SR
Post by: astor on December 20, 2012, 02:57 am
I hope this didnt occur in the future.

Are you a time traveler?
Title: Re: image hack on SR
Post by: Nod with the bitchin tar on December 20, 2012, 04:06 am
Amazingly professional response to the attack DPR.  Most companies hide & lie about things that happen rather than confronting them head on.  Bravo on how you handled this.
Title: Re: image hack on SR
Post by: Fuck DPR on December 20, 2012, 05:57 am
If I were DPR, I'd delete chillzon3's vendor account. Show some goddamn gratitude. This man has given you a massive market in which to peddle your wares and you freak out over some shit like this. Earlier you said that this was the worst thing that could happen, short of LE busting it. Huh? No one lost any coins, you idiot. That would be far worse. And if you're not the OSCAR guy who is claiming to be scammed, then you're a fucking jackass for attempting to enable his scheme/idiocy. The bottom line is, if you're a seller on SR, you've got to trust DPR. He's done nothing to warrant a lack of confidence and safety has always been his number one concern. Chill the fuck out and stop being a dick.


Fuuuuuccccckkkk up
Title: Re: image hack on SR
Post by: iaskquestion on December 20, 2012, 06:20 am
I hope this didnt occur in the future.

Are you a time traveler?

LOL IRL

+1
Title: Re: image hack on SR
Post by: Chillzon3 on December 20, 2012, 07:49 am
If I were DPR, I'd delete chillzon3's vendor account. Show some goddamn gratitude. This man has given you a massive market in which to peddle your wares and you freak out over some shit like this. Earlier you said that this was the worst thing that could happen, short of LE busting it. Huh? No one lost any coins, you idiot. That would be far worse. And if you're not the OSCAR guy who is claiming to be scammed, then you're a fucking jackass for attempting to enable his scheme/idiocy. The bottom line is, if you're a seller on SR, you've got to trust DPR. He's done nothing to warrant a lack of confidence and safety has always been his number one concern. Chill the fuck out and stop being a dick.

Yes mate DPR's gonna delete a top 10 vendor just for expressing an opinion on security. As far as I know this is the worst attack that's happened so far which is what I meant so I expressed an opinion that I believe the site should be closed and 100% clean before being re opened. I'm not entitled to a polite opinion?

I think it's you that needs to chill out mate,  we are still trading and I'm not freaked in the slightest. You on the other hand believe a top 7% vendor should be banned for expressing an opinion.

As far as Oscar goes like I said Karma would have taken care of him, I was just trying to do something nice at xmas.

You call me a dick but all I've received since I made that post is positive karma.

You're entitled to your opinion as well though so if that's how you feel about me then it's all good. It's all positive vibes from my side, can you say the same?

Merry Xmas

KS
Title: Re: image hack on SR
Post by: busta999 on December 20, 2012, 11:45 am
If not already done (I have not read through all 10 pages of this thread) may I suggest one of the admin goes through the various vendor profiles and alert by pm the vendors who have been affected.

Several of the hacked images with the bogus bitcoin address are still being shown I notice. For instance on fartbombers profile in the lsd section.
Title: Re: image hack on SR
Post by: hubbabubba on December 20, 2012, 02:12 pm
Oh it's already been noticed cool.   Shall we post links to any remnant images that are found or just PM the vendor?
Title: Re: image hack on SR
Post by: FartBomber on December 20, 2012, 03:05 pm
If not already done (I have not read through all 10 pages of this thread) may I suggest one of the admin goes through the various vendor profiles and alert by pm the vendors who have been affected.

Several of the hacked images with the bogus bitcoin address are still being shown I notice. For instance on fartbombers profile in the lsd section.

I fixed it now, it took some time to reupload all the pictures. Fucking skiddies...
Title: Re: image hack on SR
Post by: PeterPanPB on December 20, 2012, 06:08 pm
Thank you for the update. We were all patiently waiting.

..... for the most part
:)
Title: Re: image hack on SR
Post by: Joy on December 21, 2012, 02:12 am
If not already done (I have not read through all 10 pages of this thread) may I suggest one of the admin goes through the various vendor profiles and alert by pm the vendors who have been affected.

Several of the hacked images with the bogus bitcoin address are still being shown I notice. For instance on fartbombers profile in the lsd section.

I fixed it now, it took some time to reupload all the pictures. Fucking skiddies...

Damn right, such a homework. I fixed 3 pages of my listing yesterday. Fucking hackers
Title: Re: image hack on SR
Post by: hoobydoobydoo on December 21, 2012, 03:20 am
It was my understanding that all the defaced images were deleted but I see some are still up. Was I mistaken or is this new?

http://silkroadvb5piz3r.onion/silkroad/item/b2ebc74bd9

You are mistaken.  They supposedly have fixed the hack which allowed the images to be changed but they did NOT fix any vendors' images which were already changed.

Vendors which have not manually corrected any altered images still show the old ones. 

Please message your vendor and ask them to correct their images if you still see this.
Title: Re: image hack on SR
Post by: Razorspyne on December 21, 2012, 12:56 pm
With the images thing, can anyone speak on the possibility of:

- People uploading code as images (.jpg with actual c# code inside)
- invalid extensions on the images
- People trying to do path-related attacks on you

What were the images that were uploaded and is it possible that they had some kind of malware "hidden" inside them?  Wish pine was here.

How do you know pine.....? I thought you had only a few posts......
Title: Re: image hack on SR
Post by: hubbabubba on December 24, 2012, 08:51 pm
Is there no universal fix for this image?  It's on at least three front page vendor ads.  Frank Matthews, happy birthday and Isomerism
Title: Re: image hack on SR
Post by: Barbie on December 24, 2012, 09:23 pm
I knew it!!! Something has happened to my SR, I'm a buyer and cannot log into my account. I have been trying now for two days. I did make a new account Barbie, my old one is Barbie10 and am able to log into the Barbie, but when I do there are no pictures with ads or the logo of SR.
So just waiting to see if somehow these issues fix themselves while all this hacking is getting put to a stop on SR. :'(
Title: Re: image hack on SR
Post by: CalifornicationBuds on December 27, 2012, 04:45 am
If I were DPR, I'd delete chillzon3's vendor account. Show some goddamn gratitude. This man has given you a massive market in which to peddle your wares and you freak out over some shit like this. Earlier you said that this was the worst thing that could happen, short of LE busting it. Huh? No one lost any coins, you idiot. That would be far worse. And if you're not the OSCAR guy who is claiming to be scammed, then you're a fucking jackass for attempting to enable his scheme/idiocy. The bottom line is, if you're a seller on SR, you've got to trust DPR. He's done nothing to warrant a lack of confidence and safety has always been his number one concern. Chill the fuck out and stop being a dick.

Yes mate DPR's gonna delete a top 10 vendor just for expressing an opinion on security. As far as I know this is the worst attack that's happened so far which is what I meant so I expressed an opinion that I believe the site should be closed and 100% clean before being re opened. I'm not entitled to a polite opinion?

I think it's you that needs to chill out mate,  we are still trading and I'm not freaked in the slightest. You on the other hand believe a top 7% vendor should be banned for expressing an opinion.

As far as Oscar goes like I said Karma would have taken care of him, I was just trying to do something nice at xmas.

You call me a dick but all I've received since I made that post is positive karma.

You're entitled to your opinion as well though so if that's how you feel about me then it's all good. It's all positive vibes from my side, can you say the same?

Merry Xmas

KS

A bit of a delayed response, as I've not been around the boards for several days, but fair enough; my tone was probably unnecessarily harsh. No hard feelings.