SHARE
TWEET

Alphabay statement on PMs bug (fixed now)

a guest Jan 23rd, 2017 2,410 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. -----BEGIN PGP SIGNED MESSAGE-----
  2. Hash: SHA512
  3.  
  4. We have been made aware of the bug that allowed an outsider to view marketplace
  5. private messages and we believe that the community has the right to be made
  6. aware of what information was obtained and what was done to mitigate the issue.
  7.  
  8. !----- What did the attacker obtain? -----
  9.  
  10. 1) Marketplace PMs not older than 30 days, up to ID 2609452. IDs are not always
  11. sequential, as 218,000 messages were obtained.
  12. *** Conversations who did not receive a message in the last 30 days were not
  13. affected, as they were automatically purged *****
  14. 2) List of user IDs + username (nothing more).
  15.  
  16. !----- What steps have been done? -----
  17.  
  18. The attacker was paid for his findings, and agreed to tell us the methods used
  19. to extract such information. Our developers immediately closed the loophole in
  20. order to protect the security of our users.
  21.  
  22. !----- Anything else? -----
  23.  
  24. No other information was obtained. All your forum PMs, order information, BTC
  25. addresses, etc. are safe. Only recent (less than 30 days) PMs were obtained.
  26.  
  27. !----- What to do now? ------
  28.  
  29. No action is required from anyone, but we remind everyone to ALWAYS ENCRYPT
  30. SENSITIVE INFORMATION such as addresses, BTC addresses, tracking numbers,
  31. etc.
  32.  
  33. Thanks to everyone for being a loyal customer, and to apologize to the community,
  34. we will be offering 20% discount on Escrow fees for the next week on all marketplace
  35. orders.
  36. -----BEGIN PGP SIGNATURE-----
  37. Version: GnuPG v1
  38.  
  39. iQEcBAEBCgAGBQJYhLn6AAoJEOAZpE/dncxmydsH/Rt8HfmRbBWd9Q1ZrMjNRLgu
  40. D+Kyx5uFWugRA8ieWww+xErl3IPK3+JgM0/r9WKGnjLIjm9YC9TuKFMwUPDJLo4f
  41. /z/om/qEbCiPOu0q3+2/W4mF4k81t/+5rhM966gMvOtEgBsE163u7WSTW7mHOh4K
  42. fPNTYyyWZ1tS9XLOnUS+2VDAKe9L73lekPi/KntM9DDLtKc3EWMv+05PwQrZSkUn
  43. jfvKc1NAPYjmesLuNuifH7eMo2FbAwjS5YySXf+Wb0WzVD5rVMXyxg5tr0+6pO7L
  44. 1eAbloyBnk5gCydAZlTgo3f6pOfFtyZTai4xkPae220h2/842GoWlZZaBC3+GBY=
  45. =uLM7
  46. -----END PGP SIGNATURE-----
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top