2 minute read

Be careful with private messages (PM) online, because one thing that comes with anonymity, is plenty of scammers.

Silk Road users have been reporting supsicious and outright fraudulent messages from users posing as Moderators asking them to download files to their computers. Here is an actual message received by another member.


This message is to inform you that the version of Tor Bundle you are using may be vulnerable to a remote execution attack through a flaw in Javascript’s onreadystatechange event. This vulnerability may disclose a users actual identity and other sensitive information transmitted over the tor network.

As of Janurary 2nd 2014 the following vulnerability was found

Title: Execution of unmapped memory through onreadystatechange event
Impact: Critical

An attack that exploits a Firefox vulnerability in JavaScript has been observed in the wild. Specifically, Windows users using the Tor Browser Bundle (which includes Firefox plus privacy patches) appear to have been targeted.

Please note: If you are using Linux or Tails (bootable) this vulnerability does not apply to you, please disregard this message.

We are advising all of our community members to upgrade to the patched version Tor Bundle (3.5) (Latest Tor Bundle 3.5)

Mirror: http://xxxxxxxxxxxxxxx.onion/files/

Note: You do not need to remove your current Tor Bundle before installing. This will overwrite the previous installation and upgrade you to the latest 3.5 version.

If you are unsure of which version you have it is best to upgrade anyways, it will preserve your bookmarks and preferences during the upgrade.

Also…Don’t Forget to Click the “Forbid Scripts Globally” after clicking on the S …..
The rest….Do Not mess with….this is a relatively simple thing to do….you must do this all before accessing any DarkWeb Site.  Point …Blank   & Period….

This is your Safety and Security that you’re Dealing with here….TAKE THIS SERIOUSLY!!

I don’t mean to sound harsh or an asshole…i believe we’re all Family here….and from here on out if you cannot do as told to ensure that your security and safety is not compromised…..well then you don’t need to be here….Period….
Any questions? Please feel free to message any mod and we will do our best to reply Asap

Happy New Year & Stay safe in 2014!

-SR Staff

They then provide a link for you to download an “updated” version of TOR, which has been removed for security purposes. But this message is not coming from any Silk Road staff, it is coming from a random account and the files are likely to be viruses or possibly even from law enforcement.

If you get any suspicious messages from anybody claiming to be a Silk Road moderator asking you to download software to your computer, report it to a moderator immediately so that they can ban the accounts. Do not under any circumstances download any software to your computer unless it comes from an official website such as;

Again, stay safe everyone!

Updated: 2014-02-12