Community,
A post with screenshots was provided that showed an Alphabay mod requesting a user's private key who was asking for access to his account.
https://www.reddit.com/r/DarkNetMarkets/comments/49zj3w/proof_that_alphabay_mods_are_asking_for_pgp/
We feel a warning to the community is warranted for the time being. The explanation from Alphabay is that the mod is not a native English speaker and thus it is simply a misunderstanding. This particular problem doesn't impact the usual use of Alphabay. This particular problem happened whne a user lost access to their account. So its a very specific scenario where this played out. For those who don't need to go through a mod to use their account, this probably doesn't apply much to you.
At this point, we (the mods) aren't ready to judge as to the real reason this happened. But we operate in an environment with low tolerance for error. Even a language mishap at this level can be dangerous.
This warning simply states that an Alphabay mod made an inappropriate and strange request that should not have been made. Whether or not the warning is temporary depends on how those actions are judged over the next couple of days or weeks and whether or not this happens again. This warning does not imply anything beyond that. If it was an innocent translation error or something more serious, this warning doesn't cover that nor make any determinations. We are still learning about what's going on and what happened.
If this was an honest language mistake, this should serve as a warning to Alphabay to review how mods are handling tickets and to be more proactive with things. If a mod is not a native English speaker, they should have help from an English speaker to ensure that the right thing is being said. In short, AB might want to review how tickets are handled, esp if there are potentials for translation issues.
Community, remember your private key is YOUR private key. Guard it with your life. There is no legitimate reason anyone else should have access to it. Once you hand over your private key, you have potentially compromised every single customer or every single message sent to you. You have also potentially lost access to your account. Think before doing certain things. If something sounds fishy, don't do it. Ask the community first.
Alphabay - this warning isn't necessarily permanent. Get your shit together and show that this didn't result in anyone losing their accounts and show that this will not happen again and the warning will be removed. For the time being, you will remain on the Superlist unless there are new developments. A warning will be placed on the sidebar.
Also, we are not going to persuaded by claims without some supporting evidence. This particular claim had proof. Supply proof. Innuendo and implicitly asking me to trust you that Alphabay did this or that to you will not happen. This warning was made because a member of the community provided proof. I figure that there will be firing squads throwing accusations against AB now - it won't change how we are listing them unless proof is provided.
Thx. Any questions, fire away.
EDIT Because it was brought to my attention that AB's official response was downvoted to oblivion, I'm reposting here.
The following is from /u/alphabaysupport
/u/alphabaysupport said:
Here is our view on the subject: when replying to support tickets, every moderator can set his own templates that make it easier. For example, if a user claims to be locked out of their account, we have templates that are similar to "Please provide your PIN, mnemonic, and last transaction history so we can better assist you". It is way faster while still providing the same service level.
The templates of this moderator included the word "private key", and for having worked with him for nearly 8 months, I can confirm that he is not a native English speaker.
We apologize for the issue caused by the language mishap of this moderator and we have confirmed that the template has since then been edited.
Since the template has been edited, rest assured that this will never happen again. We have no incidents of people losing money due to this, therefore showing good faith from this moderator.
Thank you
Wasn't there a post before the one with the screenshots that said he was screwed out of 2k+?
I don't see how us being on the DNM and all, that a mod of a fucking market, whether there's a language barrier or not, doesn't know the difference between a public and private key.
On top of that it wouldn't fucking matter. He doesn't need to ask for either. If he wanted the public key it's in his profile, but that's not what he needed anyway. He needed a signed pgp message, which has to be done by the user themselves, which involves in no way of giving out private/public key..
All I see here is misdirection, and greediness... Obviously deliberate. He said in caps in the SS that he needed the Private Key specifically.. He seems to type quite well for someone that isn't a main speaker of English..