Bitcoin Forum
November 10, 2024, 04:30:13 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Need Help Please, I think this guy SCAM ( fool me ) ..  (Read 2275 times)
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 06:44:54 AM
 #1

Hi All,

Could somebody help me ?

I traded  2.1 BTC with someone with Cash in IDR ( there's still few BitCoin  market in my country ), everything seem ok. And after i have deal and transfer the money, instead the sending the BTC to my wallet, he give me private key  to be scaned on the blockchain wallet.  He said to make no fee transaction, i accepted his argue. So i scanned and import it, and i can see my wallet has been added with the 2.1 BTC.  But there's problem when i trying to move the BTC to my empty wallet it always have warning ' invalid signature ' and i cannot move the BTC. Then he said should wait for 24 hour before can spend it. But it not gonna make it.

So could somebody explain,  if this guy trying go fool me ??

Thanks,
Cheers
Lucky Cris
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
February 05, 2014, 06:48:25 AM
 #2

Good lord!

He gave you a private key that he still has access to. Next time have the coins sent to your wallet immediately during the sale.

Are the coins still at the address?

ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 06:55:40 AM
 #3

Hi Lucky,

Yes  the coin still on my wallet , but i cannot make to move  or  to spend it, there always has warning. ' Invalid signature '
Lucky Cris
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
February 05, 2014, 07:07:29 AM
 #4

Hi Lucky,

Yes  the coin still on my wallet , but i cannot make to move  or  to spend it, there always has warning. ' Invalid signature '

Have you tried to import the private key?

ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 07:34:10 AM
 #5

Yes already, now in my blockchain wallet i have two address, my own address, and the address of Bitcoin Seller
FenixRD
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


I am Citizenfive.


View Profile
February 05, 2014, 08:34:19 AM
 #6

Yes already, now in my blockchain wallet i have two address, my own address, and the address of Bitcoin Seller

If using blockchain.info, generate a new address, therefore one which only you control, and send the coins you received to it. If you can do this, you're okay.

If you cannot move the coins, it is because you have imported a public key which is for your purposes the same as an address. You must import the private key. If you only received one string of letters / one QR code, and you cannot do anything but look at it, yes, it would appear you may have been had.

Uberlurker. Been here since the Finney transaction. Please consider this before replying; there is a good chance I've heard it before.

-Citizenfive
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 09:00:00 AM
 #7

Thanks for the feedback,

I am sure that i imported the private key,  I used scan private key from the Blockchain wallet on Galaxy4.  after i imported , i got the coin just can spend it.

So i trying again create new account  on blockchain.info. And imported again. Now i have two account and all have same amount, thats suprise me that two account can have same wallet address. But both of them cannot be spend. Confusing ..
b!z
Legendary
*
Offline Offline

Activity: 1582
Merit: 1010



View Profile
February 05, 2014, 12:03:58 PM
 #8

Thanks for the feedback,

I am sure that i imported the private key,  I used scan private key from the Blockchain wallet on Galaxy4.  after i imported , i got the coin just can spend it.

So i trying again create new account  on blockchain.info. And imported again. Now i have two account and all have same amount, thats suprise me that two account can have same wallet address. But both of them cannot be spend. Confusing ..

Bitcoins are held in the private key, not in the account.

Ask him to send the BTC to your own address. Otherwise ask for your money back.
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 04:05:47 PM
 #9

serotin
Member
**
Offline

Activity: 70


Minning powa


View Profile  Personal Message (Offline)
Trust: -6: -1 / +0(0)
Warning: Trade with extreme caution!
(No subject)
« Sent to: ironmask on: Today at 07:46:09 AM »
Reply with quoteQuote  ReplyReply  Remove this messageDelete 
i can help you out with the problem
give me the private key and your permanent wallet adress,i will transfer them to your main wallet


Why you PM me, help with on public area please, i will appreciated
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 04:25:41 PM
 #10

Thanks for the feedback,

I am sure that i imported the private key,  I used scan private key from the Blockchain wallet on Galaxy4.  after i imported , i got the coin just can spend it.

So i trying again create new account  on blockchain.info. And imported again. Now i have two account and all have same amount, thats suprise me that two account can have same wallet address. But both of them cannot be spend. Confusing ..

Bitcoins are held in the private key, not in the account.

Ask him to send the BTC to your own address. Otherwise ask for your money back.

yes he gave me the private key, just curious maybe the private key already passworded
FenixRD
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


I am Citizenfive.


View Profile
February 05, 2014, 04:39:12 PM
 #11

serotin
Member
**
Offline

Activity: 70


Minning powa


View Profile  Personal Message (Offline)
Trust: -6: -1 / +0(0)
Warning: Trade with extreme caution!
(No subject)
« Sent to: ironmask on: Today at 07:46:09 AM »
Reply with quoteQuote  ReplyReply  Remove this messageDelete  
i can help you out with the problem
give me the private key and your permanent wallet adress,i will transfer them to your main wallet


Why you PM me, help with on public area please, i will appreciated

Well at least you know not to fall for that business.

Okay, let's figure out what's happening here. Give us the address in question. This is the PUBLIC one — technically, when we say address we mean the hashed and Base58-encoded version of the public key. These are the same thing, just displayed differently. Assuming you received it in a normal format (and you must have, because you imported it into a blockchain.info wallet, which only accepts major formats), you're looking for a string of characters beginning with 1, no less than 27 characters long, and no more than 34.

My forum address has a few vanity characters at the front, and looks like this: 1FENiXqLFhJQeoMA5rVAGXGjTgHgSNz7Sc

As you noticed, multiple people can look at the contents of an address at the same time without any effect on the control of it. This is what I intend to do: look at it and make sure there are really coins there, and see if there are any wacky requirements on the last spend that would prevent you spending them (very unlikely).

Uberlurker. Been here since the Finney transaction. Please consider this before replying; there is a good chance I've heard it before.

-Citizenfive
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 06:28:48 PM
 #12

serotin
Member
**
Offline

Activity: 70


Minning powa


View Profile  Personal Message (Offline)
Trust: -6: -1 / +0(0)
Warning: Trade with extreme caution!
(No subject)
« Sent to: ironmask on: Today at 07:46:09 AM »
Reply with quoteQuote  ReplyReply  Remove this messageDelete 
i can help you out with the problem
give me the private key and your permanent wallet adress,i will transfer them to your main wallet


Why you PM me, help with on public area please, i will appreciated

Well at least you know not to fall for that business.

Okay, let's figure out what's happening here. Give us the address in question. This is the PUBLIC one — technically, when we say address we mean the hashed and Base58-encoded version of the public key. These are the same thing, just displayed differently. Assuming you received it in a normal format (and you must have, because you imported it into a blockchain.info wallet, which only accepts major formats), you're looking for a string of characters beginning with 1, no less than 27 characters long, and no more than 34.

My forum address has a few vanity characters at the front, and looks like this: 1FENiXqLFhJQeoMA5rVAGXGjTgHgSNz7Sc

As you noticed, multiple people can look at the contents of an address at the same time without any effect on the control of it. This is what I intend to do: look at it and make sure there are really coins there, and see if there are any wacky requirements on the last spend that would prevent you spending them (very unlikely).

This is his wallet address

https://blockchain.info/address/1FYMZEHnszCHKTBdFZ2DLrUuk3dGwYKQxh

and the private key

5HpHagT65TZzG1PH3CSu**k8DbpvD8s5ip4nEB3kEsreAbuat**

So he give me the QR Code of private key.
But i think the address he give to me is the  default address when open account on blockchain, so actually the empty wallet but he already  have some another wallet that have coins inside. So when i  scanned and import the private key its appear 2.279 BitCoin.

ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 05, 2014, 06:43:28 PM
 #13

Thanks for the feedback,

I am sure that i imported the private key,  I used scan private key from the Blockchain wallet on Galaxy4.  after i imported , i got the coin just can spend it.

So i trying again create new account  on blockchain.info. And imported again. Now i have two account and all have same amount, thats suprise me that two account can have same wallet address. But both of them cannot be spend. Confusing ..

Bitcoins are held in the private key, not in the account.

Ask him to send the BTC to your own address. Otherwise ask for your money back.

Yes ..  I already ask my money back, and the guy disappear now after his SCAM  is exposed. So I plan  to make report for Police department . 
FenixRD
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


I am Citizenfive.


View Profile
February 05, 2014, 09:06:19 PM
 #14

Thanks for the feedback,

I am sure that i imported the private key,  I used scan private key from the Blockchain wallet on Galaxy4.  after i imported , i got the coin just can spend it.

So i trying again create new account  on blockchain.info. And imported again. Now i have two account and all have same amount, thats suprise me that two account can have same wallet address. But both of them cannot be spend. Confusing ..

Bitcoins are held in the private key, not in the account.

Ask him to send the BTC to your own address. Otherwise ask for your money back.

Yes ..  I already ask my money back, and the guy disappear now after his SCAM  is exposed. So I plan  to make report for Police department . 

If importing the private key gives makes 1FYMZEHnszCHKTBdFZ2DLrUuk3dGwYKQxh appear in a brand new wallet, you definitely have the coins. They're still there, and the private key won't generate that address out of nowhere otherwise.

When you imported the private key, it should have given you the option to "import directly" or "sweep". It would also have shown a balance. In fact, if you begin a new wallet on blockchain.info, it will do this now as well, if you try to again import it. I'm not convinced you were scammed yet, but you may have your funds stolen soon, since you posted your private key with only a few characters missing from it. There are a bit less than 11.5 million combinations to complete the key you posted, and probably only 1 is a valid WIF-type, if we assume that it is one. (The probability of an accidental WIF is pretty incredibly low.)

At this point, you might want to take your chances and PM me the missing characters. I'll recover your BTC for a 5% finder's fee, if I'm able to do so. You can't wind up any worse off than you are now. It's your call, but consider that if I were motivated I (and many others on this forum, so you should figure out what you want to do pretty soon) could write a quick script to run through those 11.5 million combos and check for one that zeroes out to a valid WIF key. In fact, if I don't hear from you soon, I will prooooabbably do it anyway, because if I don't do it someone else soon will. If I collect them that way, I'll give them back for 10% (for the extra work involved writing the script).

I'll also be happy to show you where you went wrong, if it turns out that was the case.

Uberlurker. Been here since the Finney transaction. Please consider this before replying; there is a good chance I've heard it before.

-Citizenfive
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 06, 2014, 03:22:02 AM
 #15

Thanks for the feedback,

I am sure that i imported the private key,  I used scan private key from the Blockchain wallet on Galaxy4.  after i imported , i got the coin just can spend it.

So i trying again create new account  on blockchain.info. And imported again. Now i have two account and all have same amount, thats suprise me that two account can have same wallet address. But both of them cannot be spend. Confusing ..

Bitcoins are held in the private key, not in the account.

Ask him to send the BTC to your own address. Otherwise ask for your money back.

Yes ..  I already ask my money back, and the guy disappear now after his SCAM  is exposed. So I plan  to make report for Police department . 

If importing the private key gives makes 1FYMZEHnszCHKTBdFZ2DLrUuk3dGwYKQxh appear in a brand new wallet, you definitely have the coins. They're still there, and the private key won't generate that address out of nowhere otherwise.

When you imported the private key, it should have given you the option to "import directly" or "sweep". It would also have shown a balance. In fact, if you begin a new wallet on blockchain.info, it will do this now as well, if you try to again import it. I'm not convinced you were scammed yet, but you may have your funds stolen soon, since you posted your private key with only a few characters missing from it. There are a bit less than 11.5 million combinations to complete the key you posted, and probably only 1 is a valid WIF-type, if we assume that it is one. (The probability of an accidental WIF is pretty incredibly low.)

At this point, you might want to take your chances and PM me the missing characters. I'll recover your BTC for a 5% finder's fee, if I'm able to do so. You can't wind up any worse off than you are now. It's your call, but consider that if I were motivated I (and many others on this forum, so you should figure out what you want to do pretty soon) could write a quick script to run through those 11.5 million combos and check for one that zeroes out to a valid WIF key. In fact, if I don't hear from you soon, I will prooooabbably do it anyway, because if I don't do it someone else soon will. If I collect them that way, I'll give them back for 10% (for the extra work involved writing the script).

I'll also be happy to show you where you went wrong, if it turns out that was the case.
I send it the private key already, please find out what happened
FenixRD
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


I am Citizenfive.


View Profile
February 06, 2014, 04:07:20 AM
 #16

I send it the private key already, please find out what happened

*sigh*

Yes, you've been had. How did you get the public address? The private key you sent me does not correspond to it, and is one of a small handful of "valid-looking" WIF strings that, after the checksum is decoded, result in garbage. In this case, the supposed actual private key is all zeroes:



That key has been published before during the directory.io bit back in the day: http://www.reddit.com/r/Bitcoin/comments/1ruk0z/dont_panic_directoryio_thing_is_fake/

Many different odd errors arise from trying to use it, depending on the client. C's address verifier completely crashes if I try to check it a certain way. You can however look at what I'm talking about here: http://gobittest.appspot.com/PrivateKey

That presents the most accurate answer. It's not included in my screenshot, but if you test it yourself, it's at the top of the page in red: Private key is not on curve

It's a deliberately-chosen "private key" coordinate that does not have a coordinate pair. It is not a point in the elliptical curve used in Bitcoin at all. (According to most client interpretations.) You can actually send coins there with certain clients and retrieve them also, but, as you can see here: http://directory.io/0 yours is the very first one, and has been used before, and is definitely not the key to the address you were expecting, with 2.2~ish BTC.

Uberlurker. Been here since the Finney transaction. Please consider this before replying; there is a good chance I've heard it before.

-Citizenfive
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 06, 2014, 05:06:49 AM
 #17

I send it the private key already, please find out what happened

*sigh*

Yes, you've been had. How did you get the public address? The private key you sent me does not correspond to it, and is one of a small handful of "valid-looking" WIF strings that, after the checksum is decoded, result in garbage. In this case, the supposed actual private key is all zeroes:

http://s7.postimg.org/podatq10n/fake.jpg

That key has been published before during the directory.io bit back in the day: http://www.reddit.com/r/Bitcoin/comments/1ruk0z/dont_panic_directoryio_thing_is_fake/

Many different odd errors arise from trying to use it, depending on the client. C's address verifier completely crashes if I try to check it a certain way. You can however look at what I'm talking about here: http://gobittest.appspot.com/PrivateKey

That presents the most accurate answer. It's not included in my screenshot, but if you test it yourself, it's at the top of the page in red: Private key is not on curve

It's a deliberately-chosen "private key" coordinate that does not have a coordinate pair. It is not a point in the elliptical curve used in Bitcoin at all. (According to most client interpretations.) You can actually send coins there with certain clients and retrieve them also, but, as you can see here: http://directory.io/0 yours is the very first one, and has been used before, and is definitely not the key to the address you were expecting, with 2.2~ish BTC.


Thank you for the analysis, i saw the QRCode of private key is  likely not flat, can it make the problem ?, i send to you the original QR Code which he send to me

I can import the QRCode to the blockchain wallet perfectly, and get the coins (2.2 BTC ) without addressing the public key at all.
FenixRD
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


I am Citizenfive.


View Profile
February 06, 2014, 05:21:09 AM
Last edit: February 06, 2014, 07:35:29 AM by FenixRD
 #18

I send it the private key already, please find out what happened

*sigh*

Yes, you've been had. How did you get the public address? The private key you sent me does not correspond to it, and is one of a small handful of "valid-looking" WIF strings that, after the checksum is decoded, result in garbage. In this case, the supposed actual private key is all zeroes:



That key has been published before during the directory.io bit back in the day: http://www.reddit.com/r/Bitcoin/comments/1ruk0z/dont_panic_directoryio_thing_is_fake/

Many different odd errors arise from trying to use it, depending on the client. C's address verifier completely crashes if I try to check it a certain way. You can however look at what I'm talking about here: http://gobittest.appspot.com/PrivateKey

That presents the most accurate answer. It's not included in my screenshot, but if you test it yourself, it's at the top of the page in red: Private key is not on curve

It's a deliberately-chosen "private key" coordinate that does not have a coordinate pair. It is not a point in the elliptical curve used in Bitcoin at all. (According to most client interpretations.) You can actually send coins there with certain clients and retrieve them also, but, as you can see here: http://directory.io/0 yours is the very first one, and has been used before, and is definitely not the key to the address you were expecting, with 2.2~ish BTC.


Thank you for the analysis, i saw the QRCode of private key is  likely not flat, can it make the problem ?, i send to you the original QR Code which he send to me

I can import the QRCode to the blockchain wallet perfectly, and get the coins (2.2 BTC ) without addressing the public key at all.

No, the QR Code and WIF_PrivKey you showed me are for a private key, in hex form, of *ALL ZEROES*. Blockchain.info does not parse that properly (it will tell you "Error importing private key: TypeError: this.x is null"). Which is pretty irrelevant, because even if it could, the addresses associated with that private key are https://blockchain.info/address/1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a and https://blockchain.info/address/1Q1pE5vPGEEMqRcVRMbtBK842Y6Pzo6nK9 (uncompressed, and compressed, respectively; the compressed WIFprivkey would be KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU73Nd2Mcv1 btw, but blockchain.info will error out on that one as well), neither of which is the address you're talking about, and neither of which currently has coins.

Edit: public addresses based on list at database.io; perhaps the nature of that site didn't require complete  protocol compatibility. The ones I listed may not be (or at least not the only) addresses for this privkey.

The public address you showed us all way earlier has a couple BTC, yes. However, none of the information you've showed since (QR code, private key, etc) grants you spend power over those coins, and there is nothing we can do about that. If you were scammed, that is truly unfortunate and I am sorry about that, but unless the guy gave you any other QR codes or something, we can't do anything I'm afraid.

Also, to your question, that I think you're asking about QR scanning... no, if it "scans" and gives you characters, it is very rare for it to have been a "mis-scan". And if it did misscan, which I have been occasionally, it is unfathomably improbable that it would become a privkey of all zeroes! It doesn't mess up by a letter or two, it'll turn a string like KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU73Nd2Mcv1 into something like a few letters, weird ASCII symbols, that kind of thing. QR codes don't have to be flat. Either they scan or they don't. That's part of the crazy pattern on them, to allow for the correction of skewed and off-axis camera angles.

Anyway, bottom line is, if that's the QR code he gave you, while you thought your coins were at the address you gave way earlier, yes, it seems you were scammed.

Uberlurker. Been here since the Finney transaction. Please consider this before replying; there is a good chance I've heard it before.

-Citizenfive
ironmask (OP)
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
February 06, 2014, 06:48:12 AM
 #19

Thanks i will make some learning about what you mention earlier.

I send video to you how i scan , and import the private key also.
FenixRD
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


I am Citizenfive.


View Profile
February 06, 2014, 06:56:01 AM
 #20

Thanks i will make some learning about what you mention earlier.

I send video to you how i scan , and import the private key also.

Okay, now that is weird. This is something that only is occurring for me on the android app.

Lemme look into this a bit more.

Uberlurker. Been here since the Finney transaction. Please consider this before replying; there is a good chance I've heard it before.

-Citizenfive
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!