Dream Market Deposit Address Issue (POSSIBLE WARNING)

EDIT: So it seems like I may have been phished because I am not able to replicate this issue at all. Any ideas as to how I may have been phished, using the same onion I always have?

EDIT 2: So /u/GreenSnapper2120 said that another post detailing the OP had a bitcoin changer in his version of Tor. After someone explaining what that is, I believe that to be the culprit. I had a been prompted to update my browser, and I did just before all of this took place. How is it possible that could be? What steps could I take to avoid something like this in the future?

SEMI-FINAL OVERALL EDIT: So what ive been able to boil it down to is, I was prompted by my Tor browser to update my version of Tor. I updated the browser the same way that It's always updated when the time comes so I think nothing of it. I continue with my business where I experience the issue of copying my deposit address, and upon pasting, it being a slightly, but still ultimately, a different wallet address. I believe this is the work of a BTC changer, which I only know of thanks to the previously mentioned user's information he passed on to me about one. Assuming we're correct, that means this BTC changer somehow came bundled with my Tor browser update? What sort of implications does this present? How can a BTC changer be bundled in with the Tor browser update??? Could we be wrong and its something completely different?? Am I acting as if belize is on fire and i need to house my move to Julian Assange? /s

FINAL FINAL UPDATE: it is this , this , which is ultimately this (start at the beginning of the third section, paragraph seven).

Any and all input would be greatly appreciated; Im leaving the original post down below just cuz


I tried to make a deposit, same as always; however I noticed when I highlighted and selected copy on my wallet address displayed on the dream site, after the first few characters, it was a different address that was pasted on the other end. I double checked, and the wallet address looked one way on the dream market, but when i pasted it to Circle, it was a different wallet address. I signed out, jumped to a different onion (because my address bar matched the onions listed on the side of the dream home page, itself), and just simply tried the copy and paste the address, again -- same exact issue. I then decided maybe I was phished and/or it was my machine, so i went to a different computer, and tried to copy and paste the deposit address again. To my surprise, it happened again. When I copied the wallet address displayed on the dream market, it displayed the first two characters correctly, but ultimately it was a completely different address. E.G. like this: 18xxxxxxxxxxxxxxxxxxx Now, Im not sure how to go about providing proof for this, but I tried from multiple computers from multiple onions and Im having the same issue. This leads me to believe someone else may be able to try it and have the same issue, or if not, could please let me know how this could have possibly happened to me.


Comments


[2 Points] GreenSnapper2120:

I seen someone say yesterday that their version of Tor had a bitcoin changer in it. Now I'm not sure if that's even possible or if it's even a thing.


[1 Points] jjcooli0h:

Take screenshots and then crop them; only revealing the 2nd - 10th characters on both of the addresses, or something along those lines.


[1 Points] None:

Just logged in via the Superlist and the displayed deposit address matches my clipboard address. I am not able to replicate your issue.


[1 Points] free-agent:

Have you tries copypasta a different address from somewhere else? Another site or a btc donation address?


[1 Points] MDMangel:

What steps could I take to avoid something like this in the future?

Learn to use TAILS my brother. It won't let you down. As for the possibility of being phished, I'd like you to read a post I wrote that has helped others.

https://www.reddit.com/r/DarkNetMarkets/comments/4jc837/a_tip_on_avoiding_the_phishermans_hook/


[1 Points] jjcooli0h:

Sounds like this malware is at it again ....

See here.


[1 Points] None:

Could be a compromised for bundle, or a fake update being spread thru things like MITM. Who knows


[1 Points] None:

I am deleting the other thread.