Hooligans Sportsbook

The Silk Road is back

  • Start date
  • Replies
    82 Replies •
  • Views 4,729 Views
Using the Tor network for illegal commerce isn't a good idea for the non-tech-savvy. It works great if you know what you're doing, but there are ways to expose your identity if you don't really understand what's going on.

Bitcoins aren't exactly the easiest thing to deal with either.

Cali, you're an attractive, socially active young woman. You're in the ideal drug-obtaining position. Forget Silk Road.
 
Last edited:
Major Online Marketplace Silk Road Hacked — Someone Stole All Its Bitcoins




Dylan Love
  

Feb. 13, 2014, 4:49 PM 7,889 31

The anonymous marketplace for illegal drugs has been hacked. Defcon, a pseudonymous administrator for the site, shares the following details:

Nobody is in danger, no information has been leaked, and server access was never obtained by the attacker.

Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as "transaction malleability" to repeatedly withdraw coins from our system until it was completely empty.

Despite our hardening and pen-testing procedures, this attack vector was outside of penetration testing scope due to being rooted in the Bitcoin protocol itself.

You probably recall a major attack that went out against several major bitcoin exchanges earlier this week, which was also made possible by transaction malleability. No money was lost then, but all bitcoins associated with Silk Road have been stolen, according to DeepDotWeb.

Defcon ends his missive with a notice on what to expect for the future. In short, they plan to rebuild and change the way money moves from buyer to seller using a technical "multi-signature" system possible through Bitcoin instead of a standard escrow.

Those missing their bitcoins, which are reported to total over $2 million, are simply out of luck for now.


Read more: http://www.businessinsider.com/silk-...#ixzz2tFs5NXgE
_____
 
MrX
Using the Tor network for illegal commerce isn't a good idea for the non-tech-savvy. It works great if you know what you're doing, but there are ways to expose your identity if you don't really understand what's going on.

Bitcoins aren't exactly the easiest thing to deal with either.

Cali, you're an attractive, socially active young woman. You're in the ideal drug-obtaining position. Forget Silk Road.

If you care about quality, the site is unforgettable.

Guaranteed that some of the blow and mdma is light years ahead of what the vast majority will be able to find.
 
[URL="http://www.forbes.com/sites/andygreenberg/2014/02/13/silk-road-2-0-hacked-using-bitcoin-bug-all-its-funds-stolen"[/URL]

The same bug that has plagued several of the biggest players in the Bitcoin economy may have just bitten the Silk Road.

On Thursday, one of the recently-reincarnated drug-selling black market site’s administrators posted a long announcement to the Silk Road 2.0 forums admitting that the site had been hacked by one of its sellers, and its reserve of Bitcoins belonging to both the users and the site itself stolen. The admin, who goes by the name “Defcon,” blamed the same “transaction malleability” bug in the Bitcoin protocol that led to several of the cryptocurrency’s exchanges halting withdrawals in the previous week.

“I am sweating as I write this… I must utter words all too familiar to this scarred community: We have been hacked,” Defcon wrote. “Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as “transaction malleability” to repeatedly withdraw coins from our system until it was completely empty.”

Just how many bitcoins were stolen wasn’t said in the post, although it listed a series of Bitcoin addresses that the Silk Road administrators believe to have been involved in the heist. Those transactions seem to point to a single Bitcoin address that contains 58,800 coins, worth more than $36.1 million at current exchange rates. But tracing Bitcoin’s pseudonymous transactions is always tricky–other estimates range from 41,200 by a Silk Road user and 88,000 by the Bitcoin news site.

Update: Nicholas Weaver, a researcher at the International Computer Science Institute, estimates the total theft of Silk Road’s bitcoins at a much lower number: just 4,400 or so coins, worth around $2.6 million.

Based on the Silk Road’s data about the attack, the site’s staff point to three possible attackers, two in Australia and one in France. “Stop at nothing to bring this person to your own definition of justice,” Defcon writes.

Silk Road’s users, predictably, didn’t take the announcement at face value, and many instead suspect that the site’s staff have used the “transaction malleability” bug as a scapegoat to cover their own incompetence–the site has been plagued with more pedestrian bugs since launching in November–or even that they’ve run off with the users’ bitcoins themselves. “Transaction malleability,” after all, has been a known issue with Bitcoin for two years, and is described by most Bitcoin security experts as more of a major nuisance than a real threat that would allow funds to be stolen.

“Something’s not correct: The bug…can’t be made responsable if bitcoins are missing now!” writes a user named pathfinder.

“Oh, this is rich. How many users called for the shutdown of SR2 to fix the problems? They were ignored,” writes a user named aqualung on the site’s forums. “Admins did this. Not some vendor.”

Defcon denied those accusations, but took full responsibility for allowing the theft. “I didn’t run with the gold,” he writes. “I have failed you as a leader, and am completely devastated by today’s discoveries…It is a crushing blow. I cannot find the words to express how deeply I want this movement to be safe from the very threats I just watched materialize during my watch.”

The hack is just latest in a series of mishaps, crackdowns and scams that have roiled the “dark web” drug market since the shutdown of the original Silk Road anonymous drug site in October by the FBI. Among the more than half dozen sites that have sprouted to pick up Silk Road’s lucrative stream of Bitcoin-based drug transactions, at least three have run off with the users’ funds and two have shut down after being hacked. Several drug site administrators have also been arrested, including three former Silk Road staffers and five men in the Netherlands and Germany who launched their Silk Road copycat, Utopia, earlier this month.

Amidst that chaos, the relaunched Silk Road has been perhaps the most stable and popular marketplace for drugs and other contraband, with over 13,000 product listings at last count. And its hacking and sudden bankruptcy shakes the anonymous ecommerce community more than any of those other dark web eruptions.

While some Silk Road users wrote on the site’s forums that they planned to take their business to other marketplaces like Pandora and Agora, others declared the Silk Road model altogether dead. All the sites currently keep users’ bitcoins in “escrow” before a transaction is complete to prevent fraud, a model that often allows the funds to be stolen, seized.

Defcon ended his message to the site’s users by announcing that the Silk Road will no longer use an escrow, and will instead ask users to send money directly between buyers and sellers, a model that will no doubt lead to many more scams on the site. But he said that the site will move to so-called “multi-signature” transactions, a largely experimental use of Bitcoin that would require multiple users to “sign off” on a transaction before it’s made. That means a third party could serve as a trusted escrow with no way to steal a user’s funds. He promised a “generous bounty” to anyone who could help Silk Road to implement the change.

“Silk Road will never again be a centralized escrow storage,” Defcon writes. “Hindsight is already suggesting dozens of ways this could have been prevented, but we must march onward.”
 
If you care about quality, the site is unforgettable.

Guaranteed that some of the blow and mdma is light years ahead of what the vast majority will be able to find.

+1

There is a thread somewhere where a guy tested almost every vendor's snow, looking for common cuts. About half of the samples the guy tested came back as 85%+ pure, with no active cuts. That is straight off the brick.