BitcoinVanity/Nibor SCAM ALERT {PICS}

[18RATTT]

Greetings,
First of all, i dont expect get my money back, im just hoping that with this thread people will be aware of my issue with the following suspect; and please draw your own conclusion.

hi nibor, couple months ago i create a vanity address from your website, and get this address 1tiyoFX7y8FG7pJkczdWXPR6tRHy13ecg

and just today, i was doing my first bitcoin transaction with that address. I deposited 1 btc.
however, in mere 1 hour, after i got the btc fund, that 1 btc is immediately "gone".

this is the transaction log:
1 BTC 15V2xE6WYKMhLAiECSXbQGrTg26eiYjtw3 ----> 1tiyoFX7y8FG7pJkczdWXPR6tRHy13ecg (2013-08-13 09:24:57)

1 BTC 1tiyoFX7y8FG7pJkczdWXPR6tRHy13ecg  ----> 12N91KQAKtfANdVDunfEZoqc14AekjF2SJ (2013-08-13 10:23:05)

there is unauthorized withdrawal transaction (im using a secure blockchain/wallet). so the only suspect in this would be nibor, as the one who operate https://bitcoinvanity.appspot.com and own the 1tiyoFX's "part-private-keys".

here's the link to my transaction log in blockchain.com/wallet http://imgbox.com/abzPmAzK

the email that i got from bitcoinvanity when they found my vanity address (dated 19th april 2013) http://imgbox.com/abu8g58d
(censored some of the keys information, let me know if u guys want the uncensored version)

the funny thing is, i was about to use that address to transfer someone 30 btc, i sent 1btc from my XPM mining first, and then i went for a lunch and planning to sent the rest after that, when i got back this thing happen. fiuh!!

[TierNolan]

That shouldn't be possible, the website doesn't actually have your keys (or at least it shouldn't).

It would be worth getting someone to check the javascript on their website.

There have been some problems with keys lately.  However, that shouldn't apply if you only used it once.

[freedomno1]

This seems interesting never heard of the vanity generators being able to see your keys.
But worth bumping up

[theDF]

Hmmm.... This is so interesting, how do they can found out the another part private key?

[18RATTT]

Hmmm.... This is so interesting, how do they can found out the another part private key?

they sent the other part.private.key thru email, dont they at least keep record of what they sent out from their email ??

[theDF]

Hmmm.... This is so interesting, how do they can found out the another part private key?

they sent the other part.private.key thru email, dont they at least keep record of what they sent out from their email ??

Ah.... I see

[daemondazz]

Hmmm.... This is so interesting, how do they can found out the another part private key?

they sent the other part.private.key thru email, dont they at least keep record of what they sent out from their email ??

They aren't meant to generate both private parts. You generate one part and give them the public portion. They then generate the second part using the public fingerprint you provide and then they provide the private part they generate to you once the address has been generated. You then recombine both the private part you generated up front and what they provide.

There should not be any way they can get both private parts unless you provided them, and that's no different than just giving them the full private key to your address...

[balanghai]

Or maybe this is just a trap? And some good blackhat team behind this huge phishing.This might not be good.

[jackjack]

Using a partial private key that was provided to you is suicide

[nibor]

As is said in the instructions. It is totally impossible for the site to know your private key and steal your bitcoins.

We were sent a private message by the poster, we replied explaining the situation, but the poster has ignored the facts.

The site has generated 4000 addresses and nobody else has complained.

See: https://bitcoinvanity.appspot.com/sp/help section "How can you not know the private key?" for explanation.

[b!z]

they use splitkey vanity, how is it possible for them to get your half private key?

[EFS]

Any news about this?

[jackjack]

As is said in the instructions. It is totally impossible for the site to know your private key and steal your bitcoins.

We were sent a private message by the poster, we replied explaining the situation, but the poster has ignored the facts.

The site has generated 4000 addresses and nobody else has complained.

See: https://bitcoinvanity.appspot.com/sp/help section "How can you not know the private key?" for explanation.

they use splitkey vanity, how is it possible for them to get your half private key?

It's not impossible for bitcoinvanity to know your private key if you use the partial private key it provides you (the javascript code provided by it can be modified for a certain IP, time of the day, whatever)
I don't say the admin does scam, I just say he can if you can't inspect the javascript code AND if you use the partial private key the site provides

Bottom line: USE YOUR OWN PARTIAL PRIVATE KEY AND YOU'RE 100% SAFE!

[ActualAdviceBTC]

Nope, this is definitely a confirmed scam, I just got robbed along with a bunch of other addresses that are obviously vanity addresses.
https://blockchain.info/tx/9e95fd443621d3d9fc150f290144401feb1627573c9161beb08edb472069a819

[mdzedzej]

https://bitcointalk.org/index.php?topic=535228.0

ive provided a link to the warning on blockchain by their support

[freedomno1]

https://bitcointalk.org/index.php?topic=535228.0

ive provided a link to the warning on blockchain by their support

Connected from that thread to their response
https://bitcointalk.org/index.php?topic=118968.0

I think your right it was a scam after all