[wtf?} logged into AlphaBay and 2FA is mysteriously enabled on my account?

I am a vendor with ~$10k/month in sales.

I never click any links on the internet when I go to AlphaBay. I ALWAYS use my bookmarked page of http://pwoah7foa6au2pul.onion. I use tails and click that link directly from keepass so please don't tell me I was phished.

When I tried to log into AlphaBay, it mysteriously required 2FA. I did NOT enable 2FA on my account. What is going on? I decrypted the text and it seems legit but I am afraid that this is a trap. Was their pwoah7foa6au2pul.onion key jacked? Are some corrupt fucking admins at AB targetting my account for something? I have about $300-$400 in escrow right now.


This is the decrypted message at the 2FA screen:

Your login security code is: xxxxxxxxxxxxxx

WARNING: Make sure that you are viewing this page using an official Alphabay link.

The ONLY official links are:

alphabaywyjrktqn.onion

pwoah7foa6au2pul.onion

stbux7lrtpegcra2.onion

jsbpbdf6mpw6s2oz.onion

zdfvqospmrbvzdn3.onion

sszoxp4dqmt24jng.onion

nracund2vx6lxzck.onion

lo4wpvx3tcdbqra4.onion

If you are using ANY other link, no matter where you found the link, exit this page

immediately and use an official link, then change your password. Thank you for your

cooperation in preventing phishing.


Comments


[18 Points] 100x100ug:

Check out this post by /u/alphabaysupport for more information about the enforced 2FA.

To put a drastic stop to vendors getting phished on Alphabay,
we now enforce mandatory two-factor authentication (2FA) for
all vendors on the marketplace. In addition, the encrypted
message (on login) will include an authentication code, and a
warning message with the list of official links. Since the list of
links is bundled together with the auth code in the PGP message,
it is unforgeable by any phishing proxy page.

Vendors who got a free waiver but didn't put a PGP key in their
profile will be prompted to enter one on their next login, and
2FA will be enforced. In addition, when a new user registers
and sets a PGP key in the registration form, 2FA will automatically
be enabled, with the same unforgeable list of official links in the
PGP message.

We will see how this goes in the near future, but we expect the
phishing to stop fairly quickly. 

tl;dr: They automatically enabled 2FA on ALL accounts.

This is their way of acting like they're taking responsibility for the safety of their users, while at the same time inconveniencing many other users, it's impressive.


[8 Points] Vendor_BBMC:

Its to try to stop the alphabay admins from resetting vendor's passwords, logging in as the vendor, then stealing his takings.

Alpha02 obviously looked at the server logs, looked at the number of vendors who's passwords were reset, and realized its his own staff.

Its been done very quickly, without warning, so I'm guessing they've got a very serious problem.Maybe he did genuinely think its outsiders phishing until he looked at the logs.

A real phisher would login as the vendor, quickly withdraw some bitcoin, then logout without changing his password in the hope that the vendor wouldn't notice. That way he could steal from the phished vendor several times.

The alphabay admins aren't phishing, they don't know the vendor's password so they just change it and login as him, leaving the real vendor locked out.

Alpha02 should have recognized this. He's a legend in the fraud community, poachers are supposed to make the best gamekeepers.


[3 Points] berryrc:

2FA is awesome. I set up everywhere it's available as soon as I create an account and it barely takes a minute to do so. People are fucking lazy.


[2 Points] Fukthishat:

Yeah I'm tired of all the I got phised but I'm a fucking darknet OG so its imposiburu for me to get phised.


[-1 Points] throwHAYawayNEIGH:

Alpha bay will be gone in less than a month, they're garbage at what they do besides spinning irrelevant BS so now our agenda is ignored while they keep stealing