Fraudulent private messages

Discussion in 'Art of Technology & Security' started by pumpingiron22, Mar 14, 2016.

  1. pumpingiron22

    pumpingiron22 VIP Member

    Mar 2, 2014
    221
    38
    FRAUDULENT PRIVATE MESSAGES

    Be careful with private messages (PM) online, because one thing that comes with anonymity, is plenty of scammers.

    Silk Road users have been reporting supsicious and outright fraudulent messages from users posing as Moderators asking them to download files to their computers. Here is an actual message received by another member.

    Quote

    This message is to inform you that the version of Tor Bundle you are using may be vulnerable to a remote execution attack through a flaw in Javascript's onreadystatechange event. This vulnerability may disclose a users actual identity and other sensitive information transmitted over the tor network.

    As of Janurary 2nd 2014 the following vulnerability was found

    Title: Execution of unmapped memory through onreadystatechange event
    Impact: Critical

    An attack that exploits a Firefox vulnerability in JavaScript has been observed in the wild. Specifically, Windows users using the Tor Browser Bundle (which includes Firefox plus privacy patches) appear to have been targeted.

    Please note: If you are using Linux or Tails (bootable) this vulnerability does not apply to you, please disregard this message.

    We are advising all of our community members to upgrade to the patched version Tor Bundle (3.5)

    http://www34.zippyshare.com/v/xxxxxxxx/file.html (Latest Tor Bundle 3.5)

    Mirror: http://xxxxxxxxxxxxxxx.onion/files/torbrowser-install-3.5_en-US.zip

    Note: You do not need to remove your current Tor Bundle before installing. This will overwrite the previous installation and upgrade you to the latest 3.5 version.

    If you are unsure of which version you have it is best to upgrade anyways, it will preserve your bookmarks and preferences during the upgrade.


    Also...Don't Forget to Click the "Forbid Scripts Globally" after clicking on the S .....
    The rest....Do Not mess with....this is a relatively simple thing to do....you must do this all before accessing any DarkWeb Site. Point ...Blank & Period....


    This is your Safety and Security that you're Dealing with here....TAKE THIS SERIOUSLY!!




    They then provide a link for you to download an "updated" version of TOR, which has been removed for security purposes. But this message is not coming from any Silk Road staff, it is coming from a random account and the files are likely to be viruses or possibly even from law enforcement.

    If you get any suspicious messages from anybody claiming to be a Silk Road moderator asking you to download software to your computer, report it to a moderator immediately so that they can ban the accounts. Do not under any circumstances download any software to your computer unless it comes from an official website such as;

    https://torproject.org
    https://tails.boum.org/

    Again, stay safe everyone!
     
    FlyingDragon likes this.

Share This Page