Silk Road users have been shocked twice in the past two days when a forum member released names, addresses and order details of dozens of purported customers.
The user – first calling themselves ‘Info Wars’ and, once that account was banned, ‘Infowars’ – pounded the forums with repeats of the same post – a list of names and addresses, along with alleged drugs orders delivered to those addresses. Hundreds of posts were made before the user was banned and the forums taken offline ‘for maintenance’.
In an attempt to combat spam, some time ago Silk Road implemented rules for new members – a user’s first 50 posts could only be in the ‘Newbies’ or ‘Customer Support’ forums and capchas have to be filled out for the first hundred posts. Unfortunately it seems the spammers have techniques to bypass these safeguards.
Infowars used these same techniques to clock up the requisite 50 posts needed to escape from the ‘Newbie’ forum within ten minutes. Then they reposted the personal information in every current thread available, to the tune of hundreds of posts.
The natural assumption was that Infowars was a bot of some sort. But then came this:
Apparently enjoying the havoc they were wreaking a few minutes later the spamming dox-bot followed it up with this:
Although both times forum administrators were alert and removed the offending posts within 20 minutes or so, forum regulars are naturally concerned. This is not the first time Silk Road has been under some sort of attack. But who would do such a thing? A rogue vendor who retained customer addresses and decided to post them? Are vendors selling their clients’ personal information? Is it the result of phishing a seller’s account? Is the competition posting it to create fear in the Silk Road community? Law Enforcement spreading FUD? Or is it just one big hoax?
There is no doubt the addresses are real street addresses (though not necessarily the names – unless some rather famous Australians are using the service right now; in fact at least one would need to be exhumed to take delivery). The purported orders were nearly all personal amounts of MDMA, with delivery addresses in the USA, UK and Australia.
Of course, a random list of names and addresses on a black market’s discussion board proves nothing. But it has certainly given some people a scare.
The best advice that has been given: if you are going to make a purchase on a black market, learn PGP encryption.