[Solved] I smell scam here - I think bitmarket.io is a scammer

[Lutpin]

All  accounte here should be hacked and using a due diligence is always  the best way .

True words, my brother, true words.
(I hope your english teacher is proud right now.)

Why would he risk his reputation for a few dollars - it Just doesn't add up.

That's what he currently is doing though.
Not saying that there isn't some blame with the two lenders aswell (there is IMO),
but at the end of the day, "his reputation" comes down to whether or not he is willing to repay the damage done with his account.

[1715176514]

1715176514

[1715176514]

1715176514

[1715176514]

1715176514

[1715176514]

1715176514

[Bettwarm]

All  accounte here should be hacked and using a due diligence is always  the best way .

True words, my brother, true words.
(I hope your english teacher is proud right now.)

Haha, so funny!  

Why would he risk his reputation for a few dollars - it Just doesn't add up.

That's what he currently is doing though.
Not saying that there isn't some blame with the two lenders aswell (there is IMO),
but at the end of the day, "his reputation" comes down to whether or not he is willing to repay the damage done with his account.

I think $150 scam is prety much for his account, because people do one trade and the user gets positive trust.
I think it is too easy obtained, so that is why he got profit of his account this way. I think it all makes sense.

[Michail1]

I think $150 scam is prety much for his account, because people do one trade and the user gets positive trust.
I think it is too easy obtained, so that is why he got profit of his account this way. I think it all makes sense.

Uhh, what?
I am surprised you think $150 is a lot of money knowing he is selling an $7k coin and has history with not only bitcointalk, but with trading on IRC as well.

Your statement implies that he is a new user that just setup shop to scam someone for $75. - Ummm, his account is nearly 3 years old.
This is an old enough account to attract many scammers.  If you look at a search of similar users, you can see those being created...
https://bitcointalk.org/index.php?action=profile;u=386566
https://bitcointalk.org/index.php?action=profile;u=482768
https://bitcointalk.org/index.php?action=profile;u=508040
and many others.

I am not saying the two people scammed for bitcoin are wrong.  Had I seen the lending thread request, I would have also likely had fallen for it.  Knowing his reputation and for such a small amount, I would have gladly have sent.  It's simply not worth my time to go through all the possible verification to make sure it was him without a doubt.

Also funny are the comments made that he logged off after recovering the account.  Bitcoin may be 24 hours a day, but I sleep at night like most people as well.

[traderbit]

Just to throw it out there.

I've been on here since 2013 - Bitmarket.IO has always come across as straight down the line in all of his posts.

The mans sat on more physical Bitcoin than most of us will ever see in our lifetime, long list of positive trading history and I've never seen him in the lending section - for $75? He's got coins for sale at the moment for $8000.

Why would he risk his reputation for a few dollars - it Just doesn't add up.

I'm prepared to be proved wrong but my spider senses tell me he hasn't done shit.

That's why i trusted him firstly by sending the money and forgot to require signed message.

Sorry about the scam.
If you don't mind me asking, how do we check the "Who's online" page?

I have got few PMs asking me for this, here is the link: https://bitcointalk.org/index.php?action=who and you can search through the pages.

Uhh, what?
I am surprised you think $150 is a lot of money knowing he is selling an $7k coin and has history with not only bitcointalk, but with trading on IRC as well.

How can i contact the real bitmarket.io through IRC? or any other source?

[owlcatz]

I think he means he probably used to trade coins on IRC here, https://bitcoin-otc.com/ .

[Bettwarm]

I think that this situation is still weird. Two "hacks" as of now, is it the same hacker?
How is this actually possible for your account to get hacked. People with high trust should have high securtiy password and be fooled so easly(phising). Any updates?

[Zyro]

I think that this situation is still weird. Two "hacks" as of now, is it the same hacker?
How is this actually possible for your account to get hacked. People with high trust should have high securtiy password and be fooled so easly(phising). Any updates?

Would be great to know exactly how these hacks happened.  course might not be possible to know for sure.

[traderbit]

I think that this situation is still weird. Two "hacks" as of now, is it the same hacker?
How is this actually possible for your account to get hacked. People with high trust should have high securtiy password and be fooled so easly(phising). Any updates?

Would be great to know exactly how these hacks happened.  course might not be possible to know for sure.

I believe that these accounts were hacked a little while before and acted like nothing happened and starting the scamming after a while. There were some phishing links, similar to bitcointalk link, and many any altcoin wallet had malware.

[Michail1]

I think that this situation is still weird. Two "hacks" as of now, is it the same hacker?
How is this actually possible for your account to get hacked. People with high trust should have high securtiy password and be fooled so easly(phising). Any updates?

What two hacks?  The claim is that it was a single hack (not necessarily a hack but that his password was leaked - either by bct, or keylogger, or another hacked site that he uses the same pw on).
- Single hack/phish of the account.

High Trust with high security?  Ha.  BCT isn't a high security site.  2FA would be nice, but doesn't exist.

Hackers/Scammers try all the time.  In fact, I had a spoofed number (ATT) calling me regarding my billing dispute (of which I don't have), and the Indian wanted me to confirm my account with my mothers maiden name.  I said, "You called me, I don't need to verify it."   He hung up.   The idiot then started texting me and hour later from a 305 area code as if he was my son (whom was sitting in front of me watching TV) and asking me where my parents met, pets first name, name of a high school I attended, etc etc for a report he was doing in school.  Yup, I answered every question he asked and hoped he did well on his report.  Of course, he might not get a good grade when he reports my parents met in Saturn and I graduated in 1942 from Nacho High in New Mexico.  (Obviously my parents were aliens and I was eating Mexican food when he was texting me while my real son was playing 1942 on the arcade system).

He was asking specific security questions used for my email.

PS.  My favorite part was when asking my mothers maiden name, I said it was the same since they were cousins, so she didn't have to change her name.
Also, he signed a message as my son with a name, but it wasn't my sons name.  It was the name I used a decade ago when I signed up for xbox live and later Steam.

There are others that have confirmed the phone number used as attempts at them have been made.  It's obviously bitcoin related.

Sorry, guess I should have started another thread.

Wasn't the BCT DB once hacked/downloaded and they required everyone to change their password once already?

[Bettwarm]

I think that this situation is still weird. Two "hacks" as of now, is it the same hacker?
How is this actually possible for your account to get hacked. People with high trust should have high securtiy password and be fooled so easly(phising). Any updates?

What two hacks?  The claim is that it was a single hack (not necessarily a hack but that his password was leaked - either by bct, or keylogger, or another hacked site that he uses the same pw on).
- Single hack/phish of the account.

High Trust with high security?  Ha.  BCT isn't a high security site.  2FA would be nice, but doesn't exist.

Hackers/Scammers try all the time.  In fact, I had a spoofed number (ATT) calling me regarding my billing dispute (of which I don't have), and the Indian wanted me to confirm my account with my mothers maiden name.  I said, "You called me, I don't need to verify it."   He hung up.   The idiot then started texting me and hour later from a 305 area code as if he was my son (whom was sitting in front of me watching TV) and asking me where my parents met, pets first name, name of a high school I attended, etc etc for a report he was doing in school.  Yup, I answered every question he asked and hoped he did well on his report.  Of course, he might not get a good grade when he reports my parents met in Saturn and I graduated in 1942 from Nacho High in New Mexico.  (Obviously my parents were aliens and I was eating Mexican food when he was texting me while my real son was playing 1942 on the arcade system).

He was asking specific security questions used for my email.

PS.  My favorite part was when asking my mothers maiden name, I said it was the same since they were cousins, so she didn't have to change her name.
Also, he signed a message as my son with a name, but it wasn't my sons name.  It was the name I used a decade ago when I signed up for xbox live and later Steam.

There are others that have confirmed the phone number used as attempts at them have been made.  It's obviously bitcoin related.

Sorry, guess I should have started another thread.

Wasn't the BCT DB once hacked/downloaded and they required everyone to change their password once already?

That is obvious if someone calls u and asks those things. Those are typical security questions.
Bitcointalk was hacked once, mayby the DB was sold and now they actually try to login into a few accounts, but I think many people have changed password. Was Satoshi's account not hacked also then?

[traderbit]

...
That is obvious if someone calls u and asks those things. Those are typical security questions.
Bitcointalk was hacked once, mayby the DB was sold and now they actually try to login into a few accounts, but I think many people have changed password. Was Satoshi's account not hacked also then?

I don't have access to see when was the last time that bitmarket.io changed the password maybe mods or theymos can check it.
P.S resetting the password through security question will lock your account.

[theymos]

The PM quoted by traderbit was legitimately sent by bitmarket.io.

His password changes were:
2016-05-13 21:24:34 Change password
2015-09-10 15:29:41 Reset via email
2015-05-25 14:47:36 Change password

All three were done by the same IP, so it seems that his account was never taken over by anyone. I suppose it's possible that some malware on his computer stole his cookie or something. I can't find any evidence confirming or contradicting whether he sent that PM specifically.

[ThirstyMoon]

Here's the message he sent me on May 13th:

Hey, if you still need the 75$ loan, I can send it to you.

Regards.

Hi, I haven't got it yet. That would be great.

Thank you.

Tough luck he chose to scam us for such a low amount. Wouldn't suspect a Hero member to go this low.

[Michail1]

Here's the message he sent me on May 13th:

Hey, if you still need the 75$ loan, I can send it to you.

Regards.

Hi, I haven't got it yet. That would be great.

Thank you.

Tough luck he chose to scam us for such a low amount. Wouldn't suspect a Hero member to go this low.

Did you read something into Theymos's statement that no one else can see.
He simply said the password was changed from the same IP the password was change from last year.

He did NOT say that account was or wasn't logged into from another IP address.
He did NOT say that several attempts were made on the account or not.
And, that's also not to say that malware / JRAT wasn't installed on his machine although less likely since he was, what appears to be, on at the same time as the 'hacker'.

It would have been in bitmarket.io's benefit had theymos said the account was logged into via diff browser sessions and/or types and/or IPs.

The only thing the statement (from theymos) confirms is that the password was changed once (after the loan(s)) since last year.

That said, I think bitmarket should have paid off the stupid $150 just to save face to blow the issue away (his fault or not).

[ThirstyMoon]

My English comprehension skills are just fine, thanks.

As theymos was the only one who might have given us a straight answer for what might have happened with the account, his evidence is inconclusive. Which doesn't prove either or.

All the replies given in this thread by bitmarket.io include stuff like: your money is lost, "fuck you" and i thought I receive other people's messages.

I know Trusted on sites like this doesn't imply a person is a good human being, but the way bitmarket.io handles this situation (or the lack of effort for it), makes me want to not let him loose that easily.

To Michail1, if theymos has any way of gathering data on all the points you noted he did NOT mention, I would be really grateful to him if he does share it with us. Otherwise what you wrote is no less speculation than what I suspect to have happened.

[traderbit]

The PM quoted by traderbit was legitimately sent by bitmarket.io.

His password changes were:
2016-05-13 21:24:34 Change password
2015-09-10 15:29:41 Reset via email
2015-05-25 14:47:36 Change password

All three were done by the same IP, so it seems that his account was never taken over by anyone. I suppose it's possible that some malware on his computer stole his cookie or something. I can't find any evidence confirming or contradicting whether he sent that PM specifically.

Thanks for clarifying this theymos, i was really surprised by him, when i sent him the money he replied to me like "dafuq" and i was surprised.
Quickseller got the scammer account on his deal (loan), but this  does not apply to me right? I can't get his account because was not on the deal?

[Michail1]

My English comprehension skills are just fine, thanks.

As theymos was the only one who might have given us a straight answer for what might have happened with the account, his evidence is inconclusive. Which doesn't prove either or.

All the replies given in this thread by bitmarket.io include stuff like: your money is lost, "fuck you" and i thought I receive other people's messages.

I know Trusted on sites like this doesn't imply a person is a good human being, but the way bitmarket.io handles this situation (or the lack of effort for it), makes me want to not let him loose that easily.

To Michail1, if theymos has any way of gathering data on all the points you noted he did NOT mention, I would be really grateful to him if he does share it with us. Otherwise what you wrote is no less speculation than what I suspect to have happened.

I agree with everything you said.

It is obvious the site tracks IP use as has been shown many times in the past.  It could have been easily shown that the account was being used by two ips at the same time, but instead only shown that the password was changed which everyone already knew by the screen shot of whosonline.  Theymos clearly has more information than what he indicated; however, in his defense, I don't recall anyone asking for it either.

[Quickseller]

I would interpret theymos's statement on the matter to say that the IP address/browser fingerprint of the person who created the lending thread in question was different from the IP address/browser that bitmarket.io usually uses. I would also interpret his statement to say that the IP address/browser fingerprint combination to not match any known forum user (and/or previously known hacker).

If you were to assume the above is true, then it would not show that someone besides the "real" bitmarket.io was the one who posted asking for the loan, nor does it mean that his account was in fact not hacked.

I would still say that, regardless of conclusive evidence of a hacking, that bitmarket.io should repay the loans that were taken out in his name, as the lenders relied upon his reputation when they gave the loan and it is bitmarket.io's responsibility to maintain the security of his account. The only way that I would excuse this would be if the forum was hacked, and as a direct result of this, someone was able to post from bitmarket.io's account, however I have not seen any evidence to back this up.

[Michail1]

I would interpret theymos's statement on the matter to say that the IP address/browser fingerprint of the person who created the lending thread in question was different from the IP address/browser that bitmarket.io usually uses. I would also interpret his statement to say that the IP address/browser fingerprint combination to not match any known forum user (and/or previously known hacker).

If you were to assume the above is true, then it would not show that someone besides the "real" bitmarket.io was the one who posted asking for the loan, nor does it mean that his account was in fact not hacked.

I would still say that, regardless of conclusive evidence of a hacking, that bitmarket.io should repay the loans that were taken out in his name, as the lenders relied upon his reputation when they gave the loan and it is bitmarket.io's responsibility to maintain the security of his account. The only way that I would excuse this would be if the forum was hacked, and as a direct result of this, someone was able to post from bitmarket.io's account, however I have not seen any evidence to back this up.

I see it differently.

theymos did not say the use of the account was from or from not an IP.  You can't interpret anything other than the fact he said the password was changed from the same IP on a prior password change.  There was never a claim that the hacker changed the password.  The claim was that the hacker was using the account at the same time as him and theymos didn't even touch on the subject of login IP's.  In the idea of the session id being use, theymos also didn't touch on the subject of IPs used for posts or PMs or even is the site tracks this information.

At this point, we can only confirm that the site tracks IPs of password changes based on what he said.

I am not saying bitmarket did or didn't do this.  I am only saying that the Theymos response leaves much of this open.

[Quickseller]

I would interpret theymos's statement on the matter to say that the IP address/browser fingerprint of the person who created the lending thread in question was different from the IP address/browser that bitmarket.io usually uses. I would also interpret his statement to say that the IP address/browser fingerprint combination to not match any known forum user (and/or previously known hacker).

If you were to assume the above is true, then it would not show that someone besides the "real" bitmarket.io was the one who posted asking for the loan, nor does it mean that his account was in fact not hacked.

I would still say that, regardless of conclusive evidence of a hacking, that bitmarket.io should repay the loans that were taken out in his name, as the lenders relied upon his reputation when they gave the loan and it is bitmarket.io's responsibility to maintain the security of his account. The only way that I would excuse this would be if the forum was hacked, and as a direct result of this, someone was able to post from bitmarket.io's account, however I have not seen any evidence to back this up.

I see it differently.

theymos did not say the use of the account was from or from not an IP.  You can't interpret anything other than the fact he said the password was changed from the same IP on a prior password change.  There was never a claim that the hacker changed the password.  The claim was that the hacker was using the account at the same time as him and theymos didn't even touch on the subject of login IP's.  In the idea of the session id being use, theymos also didn't touch on the subject of IPs used for posts or PMs or even is the site tracks this information.

At this point, we can only confirm that the site tracks IPs of password changes based on what he said.

I am not saying bitmarket did or didn't do this.  I am only saying that the Theymos response leaves much of this open.

I can say for a fact that the forum tracks IP addresses, and that the administrators can track you even if you are using tor.

I am not 100% sure about the forum tracking the IP address when a PM is sent nor am I sure about logging in to your account. There is a "privacy policy" (somewhat) posted here.

The reason for my conclusion was that theymos said that he has not seen conclusive evidence that bitmarket.io's account was hacked one way or another:

I can't find any evidence confirming or contradicting whether he sent that PM specifically.