A reddit user named Skillzythehacker has claimed to have compromised thousands of accounts on Dream Market, though market administrators said no Bitcoin were at risk. The attacker said of all the compromised accounts, none were using 2FA, a supposed panacea for login security issues.
Dream market admin wombat2combat released the following message:
- -----BEGIN PGP SIGNED MESSAGE-----
The user /u/Skillzythehacker sent the mods of /r/Darknetmarkets a list of over
50 login credentials [names and passwords] for dream market accounts.
After looking at them more closely we can verifiy that they are working and the
accounts are pretty old because their user IDs are between about 100k and 500k
while the latest ones [when registering a new account] are higher than 700k.
It is therefore very likely that these login credentials were obtained through a
There were already made some changes to the current dream market warnings and
this issue will be added to them too.
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----
The attacker is said to have provided proof he could log into various accounts, leading users to speculate that user info was stored with weak or no encryption. (archived)
United States President Donald Trump held his first solo press conference on the job and offered a comprehensive review of his action packed first month in office. Trump promised further action in the coming weeks as he celebrated a busy first month in spite of the fake news media, hostile career bureaucrats, and a slate of department secretaries delayed by an obstructionist legislature. A transcript of the press conference is presented below: Continue reading
Police One, a forum frequented by members of US Federal and State "Law Enforcement" agencies, confirmed today that 715,000 of member accounts have gone up for sale on the deep web after a breach that occurred in 2015. The database contains usernames, password hashed with every hacker's favorite md5, email addresses, dates of birth, and other miscellaneous data for the bargain sum of 0.4 BTC. Forum officials said they were notifying members of the hack so they could reset passwords, although this will do little to prevent dedicated attackers from future attacks.
Altcoin Monero has suffered a blow in its push to become the dominant currency of darknet markets, with reddit users reporting that the owners of Oasis market have apparently pulled an exit scam, absconding with around 150 Bitcoin and a yet undetermined amount of Monero. Reports from reddit also indicate that users attempting to withdraw Monero from the Alpha Bay marketplace are meeting similar frustrations, though the site is still online. This news caps a very bad week for XMR, with the MyMonero web wallet service run by developer fluffypony (WoT:fluffypony) also
being was offline for several days now, with users reporting silence from support channels and inability to withdraw funds, though private keys can still be recovered and imported into an actual wallet. These particular wallets have been target by hackers several times in the past few months, resulting in several millions of USD vanishing. At the time of the writing of this article, the sorry for your loss was at -17% and continued to plunge.
Following the initial announcement of "Shadow Broker's" (WOT:nonpeople) planned auction of alleged NSA surveillance tools and miscellanea, further lulz emerged. Here they are Roundup Xtend'd:
- Github effectively and proactively enforced a potential copyright claim by the United States National Security Agency by booting the information off their platform.
- Numerous media outlets are skirting around where the goods came from by tenaciously using the "Equation Group" moniker for the group with which the tools originated.
- The issue of whether the teasers offered of the goods for sale are novel or rehashes of previous leaks has not yet been definitively established given the sheer amount that has been leaked already.
- A suggested price of One Million Bitcoin has been floating around. The price, which represents a substantial percentage of the best money's monetary mass, reeks of insanity and a deep povertree of the sort that makes a supposed person incapable of market participation.
Sorry for your lols.
DoctorClu, slave name Brian Farrell (WOT:nonperson), ended up getting sentenced to 8 years in prison, a sentence that both prosecutors and "his"1 own lawyers agreed to lobby the judge for.
A Louisiana man arrested in July 2015 for his role in selling a botnet on Darkode forums has been sentenced to 366 days in prison and 3 years supervised release after being found guilty of "obtaining information by computer from a protected computer". At the time of his arrest Mr. Guildry was found to be in possession of stolen credit card information, and allegedly stole almost 150 Bitcoin from his victims. Authorities said some of the Bitcoin stolen had been converted to cash and spent. Guildry was one of 70 members of the Darkode site around the globe that were arrested in a crackdown on carding sites as part of "Operation Shrouded Horizon".
A post on LinkedIn's blog this morning announced that data had been released which "claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012" A hacker known only as "Peace" was offering the complete dump on a darknet marketplace The Real Deal for the price of 5 Bitcoin. While LinkedIn claims to have increased security measures since the 2012 hack many users were still using the same password, likely across multiple sites. Passwords from that breach were unsalted, making it likely the majority were cracked within a few days after the hack. The company said there was no indication that any new security breach had occurred.
It calls itself Silk Road 3.0 . The anonymous owners of another deepweb site, Crypto Market, are reputedly behind the new incantation which will be known as "Silk Road 3.0" While touting itself as "The darknet's most resilient marketplace", the login page states "We are under DDOS attack. Please come back later." at the time of the writing of this article. Reports further promised massive security updates though the site continues to be accessible only through the TOR network. Prior "Silk Road" markets including were attacked via flaws in Tor with Silk Road 2.0 notably having a record of the attack happening committed to court records.
Popular darknet market Nucleus has been offline for nearly a week, leading many users to speculate that yet another exit scam is in the works. The market was holding roughly 5,000 BTC in deposits for vendors and users. No message from /u/nucleusmarket has been forthcoming on reddit's r/darknetmarkets sub which seems to be the preferred meeting place on clearnet for users of such marketplaces.