PSA: Clearnet gateways to your onion site are always a bad idea. Never add unnecessary points of failure to your setup. [Alpha Bay]

Notice: /u/alpha02 claims that the information on his Arvixe account is fake here and with that being said, this does not quality as dox on a user because this "personal information" is not a real person's personal information. Mods, if this is still unacceptable please let me know and I will censor out even more of the relevant info.

I recently saw that /u/alpha02 had posted here about the clearnet gateway to Alpha Bay, alphabay.me. He mentioned that he used Arvixe for hosting, which piqued my interest because I've lied my way into full access to Arvixe accounts before.

So I got onto Arvixe's site, started talking to their support staff, and with nothing more than the domain name to start with I was able to get quite a bit of info. For the sake of making sure this post doesn't get removed, the information is censored, but /u/alpha02 can come confirm himself that the informtion listed here is the information attached to his Arvixe account. Here's what I got:

I could have easily gone further with this, but in the interest of not going too far down the rabbit hole I didn't. I want to prove a point here but I don't necessarily want to get on the owner of any darknet market's bad side, you know?

Keeping a clearnet gateway (or ties to the clearnet of any kind) for you darknet market is a bad idea because it introduces a lot of different points of failure that are not normally present. For example...

Users

Administrators

I'm sure there are plenty of other issues here that I haven't thought of, so feel free to add to the list. Anyway, stay safe out there guys!


Comments


[6 Points] pinkprincess1:

Stupid question time - why the clearnet gateway at all?


[1 Points] presari0:

Think you probably just made a dozenbutts worth of poop flow into ol' jobays pants.


[1 Points] None:

An account paid by tumbled BTC using a burner e-mail.

You actually showed a very major flaw of Arvixe. I am thinking about just trashing the clearnet page. Deepdotweb has our link anyway.

I also got an e-mail from their staff claiming that someone tried to access the account. Probably this one. This is the transcript:

15:58 Joseph Carter: I would like to add an email address to my account plesae 15:59 Joseph C: *please 15:59 Awais Amjad: Hello, how may I assist you? 15:59 Awais Amjad: Please use the following guidelines: 15:59 Awais Amjad: [link] 15:59 Joseph C: Can you please add it to my account for me 15:59 Joseph C: I'm really bad with computers :( 16:04 Joseph C: Hello? 16:04 Awais Amjad: Please provide the last four characters of your billing account password for verification. If you don't know or have forgotten your Billing account password please go to [link]


[0 Points] young_k:

lol i bet thats no body associated with the dnm...probably a carded account, and your assuming POF...could be one of the safest places of all to look at and you have no idea...so...why not just message that dnm's support staff?

Oh yea trolololololololol on the dead markets that can't even start up!

I'm in!

They all suck!