SR 2.0 account compromised

Title says it all. All of a sudden, I could not log in one morning after making a few orders the night before. I have no idea where or how someone got access to the account.

I opened a support case a few days ago, but only now, as of last night/this morning, am I able to confirm it was compromised, through talking with vendors after creating a new market account.

Here's what's gone down with the account thus far:

1) One order has been finalized (which isn't possible, since I cannot log in to the account to take such action). Order arrived at my apartment. No sign of LE or a suspicious person delivering my mail.

2) Another vendor showed me a message that I did not send, asking for cancellation, and they canceled the order.

Not sure what they are trying to do with my account. If it was LE I assume my door would have gotten the boot already if it was going to happen. Or they would have at least finalized on everything, let everything arrive to my place (which it has not), and then kick the door down.

And even if it's not LE or a hacker, they cannot withdraw the coin without the PIN that I created for that account.

Maybe they canceled the order to get the coin, and place a completely different order entirely, and nail a different vendor.

Regardless, I've removed everything from my apt besides my 420 stuff. Creating a new bitcoin wallet, and a new user account once it's settled, and will start rotating where I go to use public wifi to complete my transactions.

Discussion is welcomed.

Update: Heard from a 3rd vendor that my order was indeed canceled. So two canceled orders, one order finalized.


Comments


[2 Points] Gabralkhan:

What you are talking about sounds a lot like a compromised and hacked account for sure.

There are a lot of means to get your credentials to DarkMarkets; that's why everybody insists so much on security, separated secured OS like Tails, Tor and "clean" computers.

I hope you will be able to sort out something with the SR 2.0 support; try perhaps to use your PGP key to confirm your identity.

Concerning how an account can be compromised, there are a lot of methods:

These are the main methods but there are a lot more...

Regarding the PIN, yes, normally they shouldn't be able to withdraw without it, but I don't know the dispositions for the reset of the PIN, and the minimal delay on SR 2.0.

Normally it is always possible to ask for a reset, but there is a waiting time for security reasons, like in your case.

A new order is a possibility for sure to use a compromised account, you are right. I don't know if you need the PIN for that, but it should be needed for sure.

Careful with the public wifis, a lot of them are used by hackers to gather information and credentials for internet sites; DarkMarkets are not the only credentials they are looking for.

It is a commonly used hacker method to harvest credentials to various sites; avoid public wifis if you are not sure about the security you should use there to be safe.

Private wifis can also be hacked, but public wifis are really a privileged place for hackers to harvest information.

Try to keep us updated about your situation. I think even if it is painful for you, your experience could be useful for some people in the community.


[2 Points] shitstormy:

OP if you were using tails then the only way someone could have gotten your credentials is:

- They correctly guessed/bruteforced your password.
- SR2 is compromised.
- SR2 staff member is stealing.


[1 Points] Darkmarket1:

Have you used the same username and password on any other dark market sites? Maybe one of the other sites is not encrypting their passwords so the admin has access to them. Just a thought...

Actually that idea is kind of bothering me now. Maybe I need to change some passwords.


[1 Points] darkhalf2001:

Just an update... it's been over 3 weeks and no response from SR2.0 admins.

I've basically given up at this point and just look at it as about a $500-$600 loss.

Not sure if I'll be going back there any time soon.