Vendor PGP change

One of the best vendors around has changed their pgp key on all marketplaces without any warning or change of vendor page info saying so. Have people come across this before and does it have any significance? Vendor has always been legit and has a long dnm history so i would have no reason to ever doubt them usually. I will not name the vendor as I have not approached them about the issue and would certainly not name them unless I give them a chance at explaining what happened.

EDIT: Vendor has offered to decrypt a message using old pgp key and updated pgp software due to a bad review of the pgp software they were using. I am officially calling this FUD. Vendor seems legit as ever, i got his package so all is good.


Comments


[3 Points] MLP_is_my_OPSEC:

Proper procedure is to sign the new key with they old one. Did they not do this?


[3 Points] None:

If he cant sign the new key with the old one, then he has been potentially compromised and LE is possibly operating the account. Or it could have been stolen via phishing Using the same password on multiple markets, or he might have had a hard drive crash and had no backups of his key.

Unless LE is now running the accounts, all olf the above suggest bad OPSEC. I would avoid unless he can sign the new key with the old one. You very well might get scammed by "him" at this point.


[2 Points] None:

Which vendor. I think a warning is due. Could be LE and if a new buyer didn't have this info it could be bad


[1 Points] noseybast:

Surely all vendors have 2FA enabled so if LE took an account over ans could get it why not just use the same key


[1 Points] rorsarch:

Same thing happened to BonnieNClyde. See my thread here:

https://www.reddit.com/r/DarkNetMarkets/comments/3bby2g/vendor_inquirybonnienclyde_agora/

Stay safe.


[0 Points] pthrowgawayp:

There was no signing of the new key with old, the issue became apparent when they could not decrypt a message I sent using their old key. Appreciate the good advice, as it is a vendor who I talk to regularly and have built up a relationship of trust with that goes back a long way. I think just dropping the question on them doesn't seem a good approach. My order is a low profile one, not anything that would get LE excited so I will wait and see what happens with it and monitor feedback. If someone else has hacked into or taken over the vendor account they will need to know how to work like clockwork due to the volume this vendor goes through. Even a slight blip in the feedback or indications of delayed orders would raise index of suspicion. No mention or warning was given anywhere that the key was going to change, it just did which is the only reason why I'm worried and I will say myself that any concern at present is FUD until proven otherwise but I will report to the community if I can gather any suspicious evidence