Alphabay Warning - Mod Asking for Private Key

Community,

A post with screenshots was provided that showed an Alphabay mod requesting a user's private key who was asking for access to his account.

https://www.reddit.com/r/DarkNetMarkets/comments/49zj3w/proof_that_alphabay_mods_are_asking_for_pgp/

We feel a warning to the community is warranted for the time being. The explanation from Alphabay is that the mod is not a native English speaker and thus it is simply a misunderstanding. This particular problem doesn't impact the usual use of Alphabay. This particular problem happened whne a user lost access to their account. So its a very specific scenario where this played out. For those who don't need to go through a mod to use their account, this probably doesn't apply much to you.

At this point, we (the mods) aren't ready to judge as to the real reason this happened. But we operate in an environment with low tolerance for error. Even a language mishap at this level can be dangerous.

This warning simply states that an Alphabay mod made an inappropriate and strange request that should not have been made. Whether or not the warning is temporary depends on how those actions are judged over the next couple of days or weeks and whether or not this happens again. This warning does not imply anything beyond that. If it was an innocent translation error or something more serious, this warning doesn't cover that nor make any determinations. We are still learning about what's going on and what happened.

If this was an honest language mistake, this should serve as a warning to Alphabay to review how mods are handling tickets and to be more proactive with things. If a mod is not a native English speaker, they should have help from an English speaker to ensure that the right thing is being said. In short, AB might want to review how tickets are handled, esp if there are potentials for translation issues.

Community, remember your private key is YOUR private key. Guard it with your life. There is no legitimate reason anyone else should have access to it. Once you hand over your private key, you have potentially compromised every single customer or every single message sent to you. You have also potentially lost access to your account. Think before doing certain things. If something sounds fishy, don't do it. Ask the community first.

Alphabay - this warning isn't necessarily permanent. Get your shit together and show that this didn't result in anyone losing their accounts and show that this will not happen again and the warning will be removed. For the time being, you will remain on the Superlist unless there are new developments. A warning will be placed on the sidebar.

Also, we are not going to persuaded by claims without some supporting evidence. This particular claim had proof. Supply proof. Innuendo and implicitly asking me to trust you that Alphabay did this or that to you will not happen. This warning was made because a member of the community provided proof. I figure that there will be firing squads throwing accusations against AB now - it won't change how we are listing them unless proof is provided.

Thx. Any questions, fire away.

EDIT Because it was brought to my attention that AB's official response was downvoted to oblivion, I'm reposting here.

The following is from /u/alphabaysupport

/u/alphabaysupport said:

Here is our view on the subject: when replying to support tickets, every moderator can set his own templates that make it easier. For example, if a user claims to be locked out of their account, we have templates that are similar to "Please provide your PIN, mnemonic, and last transaction history so we can better assist you". It is way faster while still providing the same service level.

The templates of this moderator included the word "private key", and for having worked with him for nearly 8 months, I can confirm that he is not a native English speaker.

We apologize for the issue caused by the language mishap of this moderator and we have confirmed that the template has since then been edited.

Since the template has been edited, rest assured that this will never happen again. We have no incidents of people losing money due to this, therefore showing good faith from this moderator.

Thank you


Comments


[25 Points] Desecration29:

Wasn't there a post before the one with the screenshots that said he was screwed out of 2k+?

I don't see how us being on the DNM and all, that a mod of a fucking market, whether there's a language barrier or not, doesn't know the difference between a public and private key.

On top of that it wouldn't fucking matter. He doesn't need to ask for either. If he wanted the public key it's in his profile, but that's not what he needed anyway. He needed a signed pgp message, which has to be done by the user themselves, which involves in no way of giving out private/public key..

All I see here is misdirection, and greediness... Obviously deliberate. He said in caps in the SS that he needed the Private Key specifically.. He seems to type quite well for someone that isn't a main speaker of English..


[10 Points] None:

[deleted]


[7 Points] Theeconomist1:

/u/alphabaysupport and /u/trappy_pandora

You should be aware of this. I've placed Alphabay on the warning list for this specific scenario. Alphabay is on the Superlist as of now. Read the main post.


[2 Points] hackforcrack:

I have a question. Do you honestly think they won't regurgitate one of their simple deflection stories?


[3 Points] hackforcrack:

Well that's an interesting development. Alphabay keeps pulling things like this out in the open, and yet people continue to use them. I just don't understand.


[2 Points] LedLevee:

Lmfao "language error". The dude had okay English and specifically asks for "your PRIVATE KEY, REMEMBER, the PRIVATE ONE!".

What a load of shit. AB is either scamming or don't have their mods under control.


[2 Points] None:

[deleted]


[2 Points] drtybngwater:

i guess i just dont see how this is a mistake or language barrier problem. alphabaysupport stated bigmuscles is a long time mod with a good rep. how does a long time mod suddenly switch to hot keys and ask for a PRIVATE KEY? he doesnt... he was trying for a quick cash in plain and simple... i only started using AB a couple months ago, iv ran though 13k in escrow. after my newest order arrives and escrow is released, i for 1 will NOT be back to AB. your mod was trying to scam a customer and after hearing about all the lost and locked AB accounts, it really just seems others werent smart enough to screen shot and profide proof. you are keeping him on the payroll, therefore fees out of my purchases are paying him. you lost a customer here.


[1 Points] Caymanquestion:

I vote our next sub mod be some dbag named penissmith? Or something.. His name has penis in it, he's a mod of a market... What the fuck I really feel like he is 12 years old ..


[1 Points] None:

[deleted]


[1 Points] None:

FINALLY ALPHABAY ON THE FUCKING WARNING LIST HIGH FIVE MY FELLOW SHILLS!


[1 Points] TTSDA:

Please update the wiki, add a warning to alphabay.


[1 Points] Xpenda:

I told bigmuscles (the mod in question) that I lost my PGP keys and needed 2-FA reset and he still gave me a canned response asking for my private key. So maybe he truly did just not speak English well.


[1 Points] Thriz_whistle:

If you just go to the superlist and click on Alphabay, you see nothing in the way of a warning. I feel like if there is going to be a warning, it should be in red on the actual Alphabay entry. Many people will miss it if it's just in the sidebar. What's the point of having a warning if it's easy to miss?


[1 Points] anonjackstalling:

https://www.reddit.com/r/DarkNetMarkets/comments/43atau/alphabay_is_scamming_i_feel_like_i_did_when_evo/

People kept twisting shit and trying to say I typed things I did not and I am the fool when I was locked out with 2FA enabled with my key that mods changed. I was the one at blame but now others have had it happen and they are not the fools. What kind of family-community is this?


[1 Points] throwHAYawayNEIGH:

And people told me that I was phished and crazy..


[1 Points] drugfreekid:

I find the language error excuse futile at best. The mod explicitly mentioned "your PRIVATE KEY, REMEMBER, the PRIVATE ONE!". It seems as though for 7 words his language skills went up 6 IELTS points.


[1 Points] None:

I feel sorry for the guys who lost thousands of dollars/Euros/whatever when a simple fix would have made everyone happy again.


[1 Points] ISEEYOUBIGBROTHER:

I quit using AB months ago, I moved 50$ over to the AB wallet from my personal wallet, I was patient..72 hours patient anyways still to this day that 50$ is delivered in the block chain and I never got it. No I was not phished. Yes I have 2-FA No I did not file a complaint anywhere, no use. I simply moved to another market, and have continued using the same system and successfully moving money from wallet to wallet placing orders. Fuck, AlphaBay. Smart in their end though, they are making some good ass money.


[1 Points] None:

At one point, I really liked it but now, I'm not a big fan anymore of Alphabay so much anymore...

a)Three vendors were allowed to FE that took my money. One, CatFishBilly whom I'd previously done business with, two, premium_plug, where I clearly was an idiot because he had hardly any legitimate feedback, and three, pillmill, whom had pristine reputation/feedback, well over a 100 sales, all spelled out in great detail as being above par, and had trust and high level status. How did pillmill pull this off I wondered? Could he have paid off a mod to achieve that level so quickly, gain FE ability, then make off with money?

b) i've been told they are russian carders. Not sure but I think that means they steal credit card info, and are located in a very nefarious place where even common decency is looked at as weakness. So all of my philosophy courses have taught me that if a carder is a thief, he will eventually steal from me, Correct?

c) trappy-pandora. While at heart I think you are a great person, I believe it is impossible to be impartial in a situation where you are being paid to see things a certain way. You didn't divulge this(your PR status with AB) early enough in your relationship with reddit and it lost you trust points. This makes it hard for a lot of people to take what you say as 100% honesty.

c) I have only received a refund for one of those aforementioned scams, and I'm small peanuts. What about people who are losing a lot of money, in general, but also specifically in regards to the vendors I just mentioned?

d) people complain ALL OF THE TIME that their deposits didn't go through, they were phished, etc. I initially believed this was all FUD until I started to hear other people were mysteriously getting deposits INTO their account. This just does not happen but then I thought again. Hmmm...people are complaining about money missing, what if mods just decided, let's fuck with them and start randomly throwing money at people? This will throw people off and blame "the system" for any perceived fuck-ups, and will effectively CYA

e) bigmuscles. oi! this one makes me think not only is d) true, but we might just have ourselves some proof that a), b), and c) are too. :(

f) only because I have vendors that I implicitly trust do I continue to do business on AB. This qualifies me as stupid in some eyes because, clearly, I'm beginning to become uncomfortable with the SQ at AB, and WHY? would I continue to do biz with them? I'm starting to wonder myself...


[1 Points] thenextwhiskeybar:

REPOSTING official reply by ALPHABAY because idiots downvoted it:

alphabaysupport

Here is our view on the subject: when replying to support tickets, every moderator can set his own templates that make it easier. For example, if a user claims to be locked out of their account, we have templates that are similar to "Please provide your PIN, mnemonic, and last transaction history so we can better assist you". It is way faster while still providing the same service level.

The templates of this moderator included the word "private key", and for having worked with him for nearly 8 months, I can confirm that he is not a native English speaker.

We apologize for the issue caused by the language mishap of this moderator and we have confirmed that the template has since then been edited.

Since the template has been edited, rest assured that this will never happen again. We have no incidents of people losing money due to this, therefore showing good faith from this moderator.

Thank you


[1 Points] alphabaysupport:

Our main admin replied here also, stating that all messages containing private keys (11 users in total) were deleted from the database, so there shouldn't be anymore issue. https://www.reddit.com/r/DarkNetMarkets/comments/4a348b/alphabay_security_measures_followup/


[1 Points] Sunline_Inc:

what a burn :( This kinda makes me want to quite....


[1 Points] sullyrb:

lol, i told you all months ago the mods/admins of alphabay were stealing accounts


[-5 Points] alphabaysupport:

Here is our view on the subject: when replying to support tickets, every moderator can set his own templates that make it easier. For example, if a user claims to be locked out of their account, we have templates that are similar to "Please provide your PIN, mnemonic, and last transaction history so we can better assist you". It is way faster while still providing the same service level.

The templates of this moderator included the word "private key", and for having worked with him for nearly 8 months, I can confirm that he is not a native English speaker.

We apologize for the issue caused by the language mishap of this moderator and we have confirmed that the template has since then been edited.

Since the template has been edited, rest assured that this will never happen again. We have no incidents of people losing money due to this, therefore showing good faith from this moderator.

Thank you