I'm speculating that VRM is about to make an epic run of PIVX proportions (and may see a big falloff after the big rise, too?)

If this follows the pattern, there will be a sharp run, a trail off, then a much bigger run.

thoughts?

Are things falling apart at Poloniex?

My tier 3 verification has been pending for a month. They have all my sensitive documents and information.  I have opened a ticket on this and the last response I have gotten was 19 days ago.  No replies to my requests for status since.

No replies from any mods in the trollbox.

What is going on?

[Chris Edwards]

In September 2012, OTC user Arij began trading with someone in Iowa best known by the name (alias?) Chris Edwards.  Multiple names were used.

The first few transactions were valid (Arij bought BTC with either moneygram or western union).  With the third transaction, he felt he could trust this person, and sent first; the scammer did not send bitcoins, instead delayed and said things like "think of this as a loan".  Months went by without payment.

On Dec 19, LadyPearl entered otc.  The phone number she used and IP address(es) she used matched the contact info used by Chris Edwards.  She sent btc to Episking- who eventually heard from Arij about the connection and a #bitcoin-court case ensued on Dec 20.

http://66.68.146.89/otc/?ladyp*&ralph\_*&huskersman
http://66.68.146.89/otc/?*173.21.100.*&*166.182.80.42*

It was agreed in the 'court' proceedings that Arij would be reimbursed from the btc that Episking held, so that matter may be resolved.

However, be advised to be cautious when dealing with any of these names:
  Chris Edwards
  L****** Bergman
  A******  Lewis

  nickname Ralph__
  nickname Huskersman
  nickname LadyPearl

  phone 319-750-2**9
  email Crhsi Edwards <cedwards212012@gmail.com>

perhaps there are more aliases.  perhaps the parties involved will post more info or logs in this thread.

[DO NOT ACCEPT WALLET.DAT FROM ANYONE. DO NOT TRY TO OPEN A .DAT FILE THAT YOU DON'T FULLY TRUST.]

This didn't happen to me, I'm just passing on the info in interest of protecting people or getting some answers

short version:  a day or two ago, aethero received a wallet.dat from someone who claimed they couldn't open it, asking for help. thinking it was harmless, he tried to open it, and believes it was an exploit.  Seisatsu mentions that LRP tried the same thing on him

DO NOT ACCEPT WALLET.DAT FROM ANYONE.
DO NOT TRY TO OPEN A .DAT FILE THAT YOU DON'T FULLY TRUST.

(timezone: US Central - Austin/Chicago)

[12-19 17:56] <aethero> ;;rate lrp -10 Sent me the currupted and most likely hostile wallet.dat file
[12-19 17:57] <+TheButterZone> http://66.68.146.89/otc/query.php?imperial
[12-19 17:57] <@gribble> Rating entry successful. Your rating of -10 for user lrp has been recorded.
[12-19 17:57] <Keltic> he still an asshole?
[12-19 17:57] <Seisatsu> ah
[12-19 17:57] <+ReliableSource> aethero: lrp was the one with the .dat fil??
[12-19 17:57] <Seisatsu> He was telling me last night
[12-19 17:57] <aethero> Believe so
[12-19 17:57] <+ReliableSource> wow
[12-19 17:57] <+ReliableSource> this guy gets around
[12-19 17:57] <Seisatsu> how his bitcoin software kept crashing
[12-19 17:57] <aethero> Yes
[12-19 17:57] <Seisatsu> and he'd send me his wallet so I could get his key out
[12-19 17:57] <aethero> Its a wallet.dat file with exploit code.
[12-19 17:57] <Seisatsu> so he could auth
[12-19 17:57] QUIT , Reite , , *!~Reite@cm-84.211.71.25.getinternet.no , "Ping timeout: 276 seconds"
[12-19 17:57] <aethero> I had to format the moment I opened it in my qt
[12-19 17:57] <+ReliableSource> please post about this on the forums
[12-19 17:57] <aethero> DO NOT OPEN HOSTILE WALLET.DAT FILES
[12-19 17:57] <Seisatsu> when he found out I was going to use a third party program to extract the key
[12-19 17:57] <Seisatsu> he never sent it

here's some more background
http://66.68.146.89/otc/?*76.124.34.93*

[12-17 19:02] JOIN , MountainDew , #bitcoin-otc , *!4c7c225d@gateway/web/freenode/ip.76.124.34.93 ,
...
[12-17 19:22] <MountainDew> and blockchain.info won't import my wallet.dat

see also http://bitcoin-otc.com/viewratingdetail.php?nick=LRP

[12-18 10:53] <aethero> **[PUBLIC SERVICE ANNOUNCEMENT]  Do _not_ open wallet.dat files in your bitcoin client unless they are from a trusted person.
[12-18 10:53] <+jcpham> can -qt execute a binary
[12-18 10:53] <Enrico1> sounds like a basic thing
[12-18 10:53] <aethero> Apparently there is an exploit. I was infected last night by a hostile wallet.dat file.
[12-18 10:53] <+jcpham> code excution is a basic thing
[12-18 10:54] <Enrico1> you'd think that "wallet" files would be like the bitcoin "documents", things that can be "opened" by the bitcoin program
[12-18 10:54] JOIN , praeconium , #bitcoin-otc , *!~praeconiu@46.33.222.148 ,
[12-18 10:54] <+jcpham> i wouldn't think that in a windows environment
[12-18 10:54] <+jcpham> anything is possible in windows now
[12-18 10:54] <+Cusipzzz> aethero: you sure it was wallet.dat and not walletdat.exe?
[12-18 10:54] JOIN , manuelol , #bitcoin-otc , *!579f9b93@gateway/web/freenode/ip.87.159.155.147 ,
[12-18 10:54] <aethero> Yes.
[12-18 10:54] <FonziScheme> thanks, aethero.  (but why would you open a strange wallet.dat? I'm curious)
[12-18 10:54] <Enrico1> but if bitcoin has this problem, it's quite a problem
[12-18 10:54] <savetheintermac> aethero: did it manage to steal any of your coins? (i assume that's its purpose)
[12-18 10:55] <aethero> Nope. I keep all of my coins in an offline cold wallet.
[12-18 10:55] <+jcpham> so common sense is still common sense
[12-18 10:55] <+Cusipzzz> would like to see the file, assuming no money in it of course
[12-18 10:55] <aethero> Cusipzzz PMing
[12-18 10:55] <+jcpham> me too!
[12-18 10:55] <+Cusipzzz> did you post it on the forums?
[12-18 10:55] <aethero> Not yet
[12-18 10:55] <FonziScheme> me 3!
[12-18 10:55] <aldur1> any prodigy fans here?
[12-18 10:56] <+jcpham> i want it,especially if it's a binary
[12-18 10:56] <+jcpham> also i think aethero uses armory
[12-18 10:57] <+jcpham> if screenshot memory serves me correctly
[12-18 10:57] <+Cusipzzz> ahhh, armory? may explain it. prob intentional, from the devs
[12-18 10:57] JOIN , Cylta , #bitcoin-otc , *!~user@94.197.127.86.threembb.co.uk ,
[12-18 10:57] <aldur1> FonziScheme: you in the uk?
[12-18 10:57] <aldur1> i have some spare tickets for tonights london gig
[12-18 10:58] <FonziScheme> nope. USA
[12-18 10:58] <aldur1>
[12-18 10:58] <+jcpham> i'm what you call a visual learner
[12-18 10:58] <+jcpham> difficult to forget what i see
[12-18 10:58] <+Cusipzzz> prodigy was pretty good. cheaper than Compuserve too
[12-18 10:58] <manuelol> the user savetheintermac(here in the chat) identified himself to me as the user savetheinternet,which i checked with the command
[12-18 10:58] <manuelol> is it then okay to deal with him?
[12-18 10:58] <FonziScheme> I think savetheintermac == savetheinternet.  is he authed?
[12-18 10:59] <FonziScheme> ;;ident savetheintermac
[12-18 10:59] <+pigeons> ;;gettrust manuelol [ident savetheintermac]
[12-18 10:59] <@gribble> Trust relationship from user manuelol to user savetheinternet: Level 1: 0, Level 2: 0 via 0 connections. Graph: http://serajewelks.bitcoin-otc.com/trustgraph.php?source=manuelol&dest=savetheinternet
[12-18 10:59] <+jcpham> ;;ident FonziScheme
[12-18 10:59] <@gribble> Nick 'FonziScheme', with hostmask 'FonziScheme!farg@unaffiliated/fbastage', is not identified.
[12-18 10:59] <FonziScheme> gribble says he's savetheinternet [12-18 11:00:13] <gribble> Nick 'savetheintermac', with hostmask 'savetheintermac!~sti@CPE-58-175-28-253.mqdl1.lon.bigpond.net.au', is identified as user savetheinternet, with GPG key id 080CC10AC3E7E093, key fingerprint 9D8100004B70196CD780C3C0080CC10AC3E7E093, and bitcoin address None
[12-18 10:59] <+pigeons> ;;gettrust [ident savetheintermac]
[12-18 10:59] <@gribble> Trust relationship from user pigeons to user savetheinternet: Level 1: 0, Level 2: 7 via 5 connections. Graph: http://serajewelks.bitcoin-otc.com/trustgraph.php?source=pigeons&dest=savetheinternet
[12-18 11:01] <aethero> Cusipzzz no, this had nothing to do with armory
[12-18 11:01] <aethero> I specifically loaded this in bitcoin-qt
[12-18 11:02] <+pigeons> where did you get the file? what happened?
[12-18 11:02] <manuelol> yes i get the in gribble this ...is identified as user savetheinternet, with GPG key id....
[12-18 11:03] <+jcpham> so no armoury
[12-18 11:03] <+jcpham> this is a -qt wallet
[12-18 11:03] <+jcpham> what is the source, be vague
[12-18 11:03] <aethero> I no longer have logs as I immedately pulled my net connection and wiped my system, but there was a guy in here last night who was having issues with his wallet.dat file. He asked for help because the wallet.dat crashed his QT every time he loaded it. I grabbed the file and loaded it in mine.
[12-18 11:04] * gribble sets mode: +v StoneHead
[12-18 11:04] <+jcpham> hrm
[12-18 11:04] <aethero> He needed to auth with gribble using one of the private keys
[12-18 11:04] <+jcpham> so i need a new virtual machine for this
[12-18 11:04] <+jcpham> that's what you are saying to me
[12-18 11:04] <aethero> Yes
[12-18 11:04] <+jcpham> with -qt
[12-18 11:04] <aethero> I was going to spin up a VM for it, but I figured there was almost 0 chance of there being an exploit
[12-18 11:05] <FonziScheme> and what do you mean when you say you were "infected"?  what happend?
[12-18 11:05] <FonziScheme> also, which version of qt were you running?
[12-18 11:05] <Enrico1> you can't tell these things. it's not like the flu that you can tell when you are ill
[12-18 11:05] <+jcpham> actually i don't need a vm
[12-18 11:06] <FonziScheme> and yet, he's telling us these things
[12-18 11:06] <+jcpham>  i have a pc right here i can throw away
[12-18 11:06] <+helo> pcs have feelings too
[12-18 11:06] <aethero> I dont remember. It was either latest stable or the one right before that. I was able to sign a message for him to change nicks with gribble. The wallet showed 2.6 coins in it, which I attempted to send, which is when the QT client crashed. I think I still have a pic of the error message, one sec
[12-18 11:07] <Enrico1> a core dump would be better, but i guess you are on windows?
[12-18 11:07] QUIT , darkee| , , *!~darkee@gateway/tor-sasl/darkee , "Read error: Connection reset by peer"
[12-18 11:07] JOIN , Sealy , #bitcoin-otc , *!~Sealy@unaffiliated/sealy ,
[12-18 11:07] <+pigeons> it crashed, but what made you think it tried to execute code or was even crafted to crash?
[12-18 11:07] JOIN , darkee| , #bitcoin-otc , *!~darkee@gateway/tor-sasl/darkee ,
[12-18 11:08] <aethero> Well, his behavior the whole time was suspicious, so after it crashed I checked for any unknown processes. There was a new startup entry that I did not recognize in autoruns
[12-18 11:08] <aethero> At that point I pulled my net connection and formatted
[12-18 11:08] JOIN , a5m0 , #bitcoin-otc , *!~a5m0@cpe-76-187-157-34.tx.res.rr.com ,
[12-18 11:08] QUIT , a5m0 , , *!~a5m0@cpe-76-187-157-34.tx.res.rr.com , "Changing host"
[12-18 11:08] JOIN , a5m0 , #bitcoin-otc , *!~a5m0@unaffiliated/a5m0 ,
[12-18 11:08] <+pigeons> and you don't have a backup of the file?
[12-18 11:08] QUIT , taub , , *!~taub@ip-109-47-246-56.web.vodafone.de , "Read error: Connection reset by peer"
[12-18 11:08] <aethero> I already PM'd the wallet.dat to Cusipzzz and jcpham

somewhat related news, LRP allegedly scammed Seisatsu and bottles in #bitcoin-otc

[ALWAYS make sure your counterparty is authenticated]

when in IRC: #bitcoin-otc  ALWAYS make sure your counterparty is authenticated with gribble. Accept no excuses.

Please also register your name with Nickserv and turn ENFORCE on

Code:

/msg nickserv register <password> <email>
/msg nickserv set enforce on

There's a confidence trickster 'squatting' on names in the Web Of Trust (using their nickname; usually these are people in the WOT that haven't been active lately) scamming people in the chatroom for BTC, gift cards, etc.

avoid anyone using the following information:
email: matto_12345@hotmail.com
aliases: daMATTAii    (google reveals a history of gaming)
      MAINACCOUNT2  (well-known scammer in OTC: http://bitcoin-otc.com/viewratingdetail.php?nick=MAINACCOUNT2 )
btc address: 1F1LrYeRbEz25HJiJosZ7v3k6cPsnkFTyi

http://pastebin.com/x2x40q5f
http://pastebin.com/dCYFEcWE as citiz3n vs Lepton
http://pastebin.com/tZGfkjNG

examples:

== MichaelNightTime ~qeqweqe 187-78-211-207.user.veloxzone.com.br * ...
== silvercoin [~qeqweqe@vsat-148-64-57-102.c050.t7.mrt.starband.net]

 == bitcoinmarket24 [~goldrolex@host-103-178-3-96.midco.net]


"Nick 'silvercoin', with hostmask 'silvercoin!~qeqweqe@vsat-148-64-57-102.c050.t7.mrt.starband.net', is identified as user MAINACCOUNT2, with GPG key id None, key fingerprint None, and bitcoin address 1F1LrYeRbEz25HJiJosZ7v3k6cPsnkFTyi"

I lent kingkatari 31 btc on 8/5/2012 at 9% per month, to be paid on the 10th of each month in an amount no less than $60 USD.  I believe 2 others made identical loans to him on that date.  his current balance with me is 36.8311 btc.

he solicited the loan and the terms were his idea.

Not only has he disappeared, missing 2 payments (100% failure rate), with an implausible story about getting hit by a semi truck and being in the hospital (his 'wife' logged onto IRC to reveal this), but he does not respond to emails or phone calls.

I see he is active again on bitcointalk and his twitter.

people should be aware that he is a scammer.

Nicholas Lee Gould
813-367-7534
11209 Sarajoe Bright Pl
Seffner, FL 33584