Sharpshooter789 has been removed from the moderator team

As moderators of this subreddit, we're supposed to take a neutral stance when it comes to the markets and security. We have always informed a market about security issues when they were discovered, and made a public announcement when they were serious enough. However, /u/sharpshooter789 has been directly attacking markets and other hidden services. This is not our role here. He was directly told many times that he should not be doing this, and should not be making posts regarding markets. When a moderator makes such posts under their mod account it makes the rest of us look like a farce, and contradicts our stance on such issues.

/u/sharpshooter789's ideals do not reflect our own, and because of this he has been removed from the moderator team.

If anyone has any questions about this I will do my best to answer them, but /u/-lobali and /u/Jay-__ are more qualified as they were more involved in this situation.


Edit: Jay posted his explanation


Comments


[23 Points] Jay-__:

Woha, I just took a sneaky-peak at reddit on my tablet - only to find about 10 messages in my inbox.

I am also not that sure what MLP wants me to say here - since I wasn't all that much involved with it. I just had two or three short talks with sharpshooter about a certain topic.

However, I will be as transparent about it as possible - like I always try to be.

'My' story goes like this:

Yes, I am scanning markets and other onion sites for vulnerabilities - to let them know about them so they get fixed.

One night I found out that the personal store of Gotmilk and two other more known vendors were all vulnerable to exactly the same stuff and had other rookie mistakes - which were all the same.

I found out who is building these stores - and gave their site a try also. I found out that their own site wasn't any better - so I told GotMilk about the vulnerabilities, because if I told the guys building pages for them, they could have just fixed them without letting the owners know that they in fact were vulnerable for a long time.

I didn't want that - because I'm sure those vendors paid a good portion of cash for a service that just wasn't as good as they thought would be.

24h later I had a reply from Gotmilk that 'they have fixed it' and 'I should try to hack it now'. I replied that I had no intention of hacking it to begin with and moved on.

Then 'Simply Bear' made their announcement. I gave it a try and found refl. XSS vulnerabilities - and since it was an absolutely new market with no vendors what so ever, I posted them on their thread instead of notifying them in a more private way.

Shortly after, I got messaged by three other redditors, I am not going to name them, but I'm sure they know who I am talking about. One of them was sharpshooter.

I can't remember all the details, but we came to talk about things including that hosting-company and how they seem to charge a heap of cash for just the most basic effort they had to put into building those private-stores.

Granted, I told him a few details about them - but I surely didn't know it would turn out like this.

Sharpshooter got very interested in them and started not just scanning them but doing things to them.

At first he told me that he uninstalled their eCommerce-plugin, because they left the uninstall.php.

After that he was DDoS'ing them - because he knew they're using cheap VPS' and couldn't handle much requests.

Finally, he began to bruteforce the admin-login, because it didn't have any security-measures in place (like at least a captcha).

I think he then told lobali about it all, since she was the one that approached me and asked me on my view. I told her about it what I knew and she then told me that this isn't the first time he seems to have done such things.

Lobali, MLP, I and I think Dare also had a conference about it and they told me about the stance towards such things we moderators should have.

I agreed - but also explained that I never did anything malicious to any site at all. I think right after that MLP and/or lobali had a stern talk with sharpshooter -- but as his newest thread shows he somehow didn't really understood it.

I'm sorry since I kind of was the person that told him about it in first place - but I simply can not and will not take responsibility for the things he has done.

That's about it. Any questions / comments - just ask. I will try to answer each and every questions as good as I can.


[11 Points] Vendor_BBMC:

He more or less resigned, in an "i don't think I can be a mod after this" way.

After telling everyone how to bring down Abraxas' forums.

I will admit, I assumed that some mod had been relieved of his duties for being a Top_gear_UK employee, until I opened this thread. Are we still looking the other way? Because now the reviews of his bulk sheets have gone up from daily to two a day.

I'm assuming he is giving a discount on 100 blotter sheets to any customer who writes a favorable reddit review. The only way to prevent this is to enforce a ban on any more T_G_UK reviews for a fixed period. Then have an inquest into how this was allowed to go on for so long while the forum mods all seemed to be looking the other way.

It's gone beyond a joke now. US-based LSD vendors with similar sales figures and higher ratings get 2 Reddit reviews a year IF THEY ARE LUCKY.


[8 Points] LoudRooster:

https://pay.reddit.com/r/DarkNetMarkets/comments/3beohy/breaking_abraxas_forums/

"We have always informed a market about security issues when they were discovered, and made a public announcement when they were serious enough."

I believe he was trying to inform abraxas with no success and therefore made a public announcement to get the admin's attention so the vulnerability could be patched. Having a tech savy mod is very important, it is like having a key. Perhaps there is more to this than what I see here but with what I DO currently see, this is not right. But alas, that's my two cents.


[9 Points] None:

Why do all the fuckboys become mods?


[7 Points] Deafcunt:

Interesting, I wonder why he wouldn't just post that stuff from an alt account..?


[4 Points] The_Grid_Is_Up:

Sharpie got 86'd :(


[4 Points] auto587643:

Thanks mods for how you handled this. I and many others had a huge problem with his bullshit AlphaBay smear postings and he was a total asshole to people who disagreed with him. It's no place for a mod of this sub to be posting such stuff and acting that way, especially with little to no real proof.

To find out that he was doing even worse stuff on his spare time with other markets and hidden services lowers my opinion of him into the negative digits. A loose cannon like him can't be allowed to hold onto the job of modding, as he'll just make the mods look like jokers.

A mod here is supposed to be unbiased; he just used his position to push his personal feelings as facts and go after those he didn't like.


[3 Points] None:

A trusted comunity member provided this to me last night but couldn't get a screenshot before sharp deleted it and edited the text so other mods couldn't read it.

https://www.reddit.com/r/DarkNetMarkets/comments/3bcu3b/i_think_i_broke_abraxa/

Not sure what the point in posting is, transparency I guess?


[3 Points] InfinitelyOutThere:

Out with the old guard in with the new ey


[3 Points] DarknetWiki:

Thanks mods for the transparent way in which you handled this.


[2 Points] want2vape:

So basically he got fired for warning an admin/ the community that a/ multiple sites being made by the same person/ group are very flawed and dangerous to use. So if continues to warn the community about such things will his threads be deleted?


[1 Points] Nogoy:

Jay did the same thing displaying vulnerabilities when simply bear announced itself. I just don't see the difference can u explain it ?


[1 Points] sharpshooter789:

Since when is fuzzing a direct attack?


[1 Points] noseybast:

What effect, if any, did his views on Alphabay and the H4C saga have on this decision, further more if H4C and all that shit hadn't made identifying vulnerabilities a negative, do you believe his actions would of resulted in this decision?


[0 Points] vlkemist:

thanks for the good forumkeeping!