Bitcoin Forum

DO NOT LEND ANYTHING FOR THE MOMENT.

NEW: I am still seeking BTC, 5% / week interest rate: https://bitcointalk.org/index.php?topic=154032.0

I have also revealed our business (btcQuick.com)

I am seeking a 24 bitcoin loan to cover some significant and profitable orders recently placed. I'd like to fill this loan through the forums.

Here is my solid BTCJAM profile with over 530 BTC repaid: https://btcjam.com/users/594

17/17 rating, and my accounts have being over 8 & 13 years old. I need the coins urgently to fill the orders, or we would be forced to cancel them.

26.4 BTC will be repaid within 2 weeks from day.

My address: 1MACx2wdi4MqriR2Ate1Uhwa7vh73XgXXV

Please reply with your repayment address.




Thanks,
MAC / Mike McNierney

What you might as well be saying:
"Can I borrow 200 BTC? It's totally worth the risk, because I'll pay you back 300% in an hour."

How about an USD denominated loan?

Can fund your loan (via MtGox USD or BTC or paypal) for $100 interest per two weeks. Max runtime 2 months. Need a copy of a valid passport or drivers license and a proof of residence like a gas / telephone / electricity bill.

"I am seeking a 24 bitcoin loan to cover some significant and profitable orders recently placed."

According to that statement you already have the order, the exchange rate and you know exactly how much USD you can pay as interest... so I dont understand what currency risks you are talking about.
Anyway I can only offer you an USD denominated loan due all those price jumps latly. let me know in case you change your mind.

P.M'd

Edit - Send repay - 1CeciAAmh2FdMonbgfRqqvJrsRkjVhoGS6

Because you can take out a few loans and pay a few hundred dollars in interest, then default on one and make off with $9000.

Wow, and I was planning to lend him some btc on btcjam.. Dodged a bullet right there thanks to confirmations

Is his btcjam account compromised?

Actually, is his account even compromised? Or pretend to be and run away with 24 btc?

According to Ascension, nope. However, I'd be wary of lending anything until further verification is done.

I was browsing the lending forums when I saw MAC's post's. I immediately called him and asked him if he made the post's and he said no. His facebook account was also hacked. I know MAC IRL.

His btcJam loan is still valid. MAC is working on changing all his passwords for all his accounts.

MAC & I will never post anything requiring a BTC loan ASAP. This should have been the first indication that the post was fishy. As soon as MAC regains control of his account he will post a response to this mess.

So the 24 BTC are lost? Puh, i dodged that bullet.

http://s1.directupload.net/images/130317/trwlkozq.jpg

Looks like my request for an ID scared him off, taking my loan offer. :)

Mac should offer Squall some kind of compensation because it was his password that was too weak and causing this problem... Maybe a 50/50 split of the 24BTC?

Great method to steal money.
You compromise an account and post a loan request from it, then you come with your regular account and pretend to loan 24 BTC. Then you make the real account owner feel bad about your "loss", so he will give you 50% of the Bitcoins "lost" to the hacker.
I see a lot of potential for abuse. Not saying Squall hacked his account, mind you.

You are not the smartest criminal psy :)

So instead of stealing directly 24BTC from any thirdparty you are later trying to convince the original owner to give you 12 BTC.
Maybe it works for low reputational accounts but no low rep acc holder can give you 12 BTC. So either way its no masterplan :)

Could also be malware that started recording bitcointalk account details instead of just mt gox ones? Since apparently his facebook account was hacked too.

Either way, this raises the issue of authentication. This is where PGP comes in ::)

Not the smartest and also not the dumbest. Just not a criminal at all :)

In 95% of the cases its a weak password. Malware aint really easy to get to a specific target user and even so its the users fault to open the links or click the exe file. There are cases of course where you got the malware through an exploit. So its your fault for not updating your software.

Those exploits who are "unknown" and where no update could have helped are very rare and really expensive. They arent used to scam "only" $1000 ...

I got shot again, This is not the real mac? I shall wind up my business here, And leave the community.

As the larget bitcoin community site its fucking retarded that the forum doesnt have 2 factor auth.

Making everyone auth on OTC paid off!

Mac has logged on since and not written to me or posted anything, Something is not right, If a hacker then why return to the scene of the crime, If not, Why is mac quiet? I shall warn everyone away untill this is sorted.


Also, Why use a vanity address? and the coins have not moved since?

Squall, MAC's account should be locked/banned by the MOD's until he can prove ownership of the account. The hacked posted another thread in the long term loans and maybe logged in to see if he had any responses to that thread to steal even more? If you would like MAC to call your IRL send me a PM with your phone number and he will give you a call. I am posting on his behalf because his account is currently locked out.

Thanks,
Ascension

I've been on a conference call with MAC (Mike) and Ascension (Jerrod)

They will be covering the 24 BTC lost in this incident - Squall1066 will be made whole.

I am glad to hear that, Squall doesnt deserve this.

Does this site not check IPs? Hence a mod can't check the IP of the poster and compare it to the previous IP's?

In my conversations with them, I referred to you as an example of a stand-up guy who's benefiting long-term from stepping up and taking responsibility for a circumstance that was beyond your control (the stolen money in the UK post incident)

In the long-run, we'll know and evaluate our peers by the manner in which they handle unfortunate occurrences such as this.

I can't see IP's; only theymos can. It would be good to have that feature though for a quick deductions in cases like this.

Wow. I can't believe that a forum dealing with lending wouldn't check IP's. So any random can come in here with multiple account pretending to loan to himself to build rep? Doesn't seem very safe for lenders.

You arent here for long right? Otherwise you would know that they try that every week and no lender consider loans from one "no reputation account" to another "no reputation account" as reputation.

Have only been here a couple week, have only known about btc for a month or so. Just learning the ropes in a sense.

lol if you can think of it, its already been done.

Not much point in I.P's mose scammers use TOR anyway, We need something else.

If we're dealing with identity theft do we not already have a solution for that with the signature function in the client?

I thought that just ties up the client with a address, If an account is hacked, Could it not come from any client?

Now I don't claim to understand the signature thingy completely, but the way I understand it it is possible to sign a message with the client. This signature depends on the context of the message and the wallet keys and can be checked for authenticity in another client. The following should then be possible:
- Build a central repository of signatures for users (yeah, yeah, I know, centralization bad, but bear with me)
- When a user requests a loan, have him sign that message with the client.
- Now you should be able to check that signature against the signature in the repository via your own client and determine if the person is indeed who they claim to be.

Someone correct me if I'm wrong here. I'm not good with the signature stuff, it breaks my brain, but this is how I would assume it works.

Well I know less than you on this (and it shows how well used a feture it must be) But if I understand correctly, There is no way to varify a new user, As there is no "history" of the signature? So at some point someone has to take a first gamble? Which instantly make me think of shill acounts and fake build up, We have to keep using coins to keep the system alive, But the way things are going, Everyone will be to scared to spend them for feer of it not arriving to the person they wanted it to.  :o

Yes, the repository would only work reliably for established users. The idea is specifically preventing things like your situation where an established users forum account is taken over. I think you are very right in assuming that these things will be happening more often now.

It's based on address - you know I have the address firstbits 1GLados (because I've traded substantially with it, eg buying asicminer shares, bitfunder public asset listings), and then you know whoever can sign a message from 1GLados has access to my private keys. There's still the risk of compromise, but less than just someone logging into a forum account without 2fa.

Hm... maybe it would be a good feature if there is a fix bitcoin address bound to every user account (set during registration) and only admins/mods can change those. Maybe thats too much trouble for mods, so second possibility there is a bitcoin address bound to every user account with the timestamp when it has been set and a public log of the old bitcoin addresses with the old timestamps.

When you use those addresses for transactions (at least for the bigger ones) the right owner would get the funds and could send them back later in case he didnt request that transaction.
If an address had changed in the last couple of days you can still decide if you trust that new address and/or ask the "owner" if its not possible to use an "older" address from the logs.

Message:

Signature:

Now anyone can check my OTC page(linked in my signature), get my public Bitcoin address from there and verify I was the one who signed a message.

To verify, open Bitcoin-qt, File > Verify Message, enter my bitcoin address in the 1st field, the message in the 2nd field and the signature in the 3rd field and press the Verify Message button.

FFS, this is in Bitcoin-qt, with a graphical interface. Any donkey can do it.

Even better. So that system is already in place.

EEeehh AAAAuuuuhhhhh, I cant do it lol, Where is the address for the first field?

Check the part on the quote that wasn't bolded by you...

I'm psy. Squall1066 has been scammed by MAC in 24 BTC. This is just a test message intended for Bitcointalk and not to be taken seriously by anyone. Mon, March 18 2013 10:40 AM

G+tumBo0kYxAttLfFXfbiCTYICQjHd0zy98d7K79UTA9nXxN280XB8sKLYcR//Jr1MoUDLnyXRG0XPGoa+6qprQ=