Silk Road forums
Discussion => Newbie discussion => Topic started by: Theo Hardeen on September 21, 2013, 05:50 pm
-
I'm a new SR user with a couple transactions under my belt and am having an issue that I'm hoping someone can help me resolve. I've searched 20+ posts on the forums about login issues, but none has helped with my particular issue. I've got a bunch of BTC sitting in my account and am trying to determine if I've been hacked. I suspect not, but eliminating other possibilities is the only way I can be sure.
Here are my issues:
1. I'd been successfully using my main SR account for a month when I stopped being able to login. Every time I input my password, the page reloads and gives me a "login failed, please try again" message. As recommended on the forums, clicking the "go" button manually, changing my browser settings, and refreshing for over an hour did not help. I've tried many times again over the last two weeks, making sure each time that I have the correct URL and am not being phished.
2. As per forum advice, I started a new account to ask for a password reset, suspecting that my account may have been compromised. Here's where it starts to get confusing: I was able to get onto SR after creating my new account and sent admins a message, but the following day and all days afterwards I have been unable to login to this account also. All the same tricks were tried, all to no effect.
3. Several days later I started a SECOND new account. This time, I logged off immediately after getting onto SR and tried to login with the password I had created two minutes prior. Same result: "login failed, please try again."
I feel like I may have had this issue before and that it was an issue with cookies or Javascript, but I've changed settings for both several times and nothing happened. Am I just missing something here? I'm new to the Deep Web and am trying to educate myself as much as possible, so any advice or expertise would be greatly appreciated.
Thanks!
-
You should definitely not be using javascript and I would be clearing your cookies after every session.
Second, I would try from a different computer. I suspect somebody has an active trojan on your computer. You'll need to run a scan. Make sure you don't use your operating system to run the scan. Use a bootable cd to scan your computer, or remove your drive and plug it into a secondary computer that has not been compromised.
Last but not least, you should be using tails anyway. It's the most secure method of access.
Sorry to hear that you've lost your accounts. Did you type out your password in a notepad to make sure it was correct and then copy and paste it into the password field?
Unforuntately, the nature of SR is such that you'll probably not be able to retrieve your account(s).
You can't really prove that you are who you are.
Good luck - if you have any other questions just post them here. I'm a sys admin / software developer of over 20 years and I've worked closely in security for quite some time. Sounds like your passwords are being logged and used by somebody else.
My next suggestion is to get a good firewall/anti-v software for your normal computer - even if you're going to start using tails, don't sacrifice your security for anything. I suggest using eset - and use a valid copy that you actually pay for. Don't use pirated anti-virus warez. Bad idea. Buy it - no exceptions. It's fairly inexpensive for the security and peace of mind you'll get from it.
Peace -
-
Are you using Tor browser bundle?