Olympus Market is a joke

As noted in another post from /u/InsanityDRM, he found out that Olympus Market was using a favicon hosted on a clearnet site. Putting two and two together, their server time is in Germany, and this site is hosted on a German server, with a German IP address.

After doing some more simple digging, I was able to come up with their IP: 62.***** Naturally its down now but this is most likely Olympus' market server cluster/network. This IP is hosted at 23media dot de, which is in Germany. Same info as InsanityDRM posted. Doesn't look good for these "InfoSec" specialists who use a simple favicon pointed at a clearnet domain. If they can't have 2 seconds to move a favicon to the web server of the market, then they don't have enough time to secure your funds.


Comments


[13 Points] InsanityDRM:

Personally I don't think that is the servers IP. However I'm not currently in a position to say whether it is or is not. That being said the way they originally handled the situation was terrible & they made it far more suspicious than it currently appears to be. Currently it just seems like a giant opsec fail & the admins didn't thoroughly check through the src of their cracked Xenforo.


[3 Points] AutoModerator:

/u/InsanityDRM - You have been summoned in this thread by /u/lilasa45.

This convenience is brought to you by AutoMod. Submissions do not automatically summon users like comments do. AutoMod is trying to be helpful.

For others, it should no longer be necessary to summon the referenced user in a comment any more. AutoMod has done the heavy lifting for you. You're welcome. Bow before me.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.


[1 Points] Acid2525:

Is Olympus market save. And what is with the link works in clearnet


[1 Points] DNrick_sanchez:

plus the UI is eyerape

this is big if true though wow, wont be using them anytime


[-1 Points] ComprehensiveNetwork:

Post the full IP here so LE can raid them and jail them all. The admins are for sure idiots and it's only a matter of time until LE gets them.


[-2 Points] bubmle11:

LOL how much bullshit in one post....

InsanityDRM if you could hack them you would have already posted your results, you are just a script kiddi with no skills.

"HugBunter has found 2 source code disclosure" where did he post his finds?!!? nothing was found, LOL.... such a shill

HAH