Bitcoin Forum
July 18, 2019, 08:00:21 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Note fraudster and extortionist!  (Read 4542 times)
pendalf2008
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
March 14, 2014, 08:16:32 AM
 #1

Sorry for my bad English please. This is the English version of russian https://bitcointalk.org/index.php?topic=513286.msg5689890#msg5689890.

I want to tell you about the criminal element hiding under the guise of "security" Bitcoin.

12.03.14 I cheked my mailbox, and found ther the message from "bitcomsecresearch@gmail.com" whith next post:
 
 
Quote
   Hi,
    I'm a security researcher for a site you frequent.I think it is wise to respond back to me so we can discuss returning the stolen bitcoins. If you do not return them I will dox you, forward to your authorities and you will get to enjoy prison for some time.
    So, what do you want to do?
    I have your IP addresses, contact to Everest. And am waiting on you.
    Return the bitcoins to: 1SEC1BS5wFDSToi1v3RubV9PjCSSPa6s9
    As for the Litecoins I think we can talk about that.
    Email me back ASAP.
    Thanks.

    --
    [bitcomsec]
    founder und lead security researcher
    reddit: https://reddit.com/r/bitcoinsec
    twitter: https://twitter.com/bitcomsec
    about: http://blog.bitcomse...on-to-bitcomsec
    BTC: 1SEC1BS5wFDSToi1v3RubV9PjCSSPa6s9

    -----BEGIN PGP PUBLIC KEY BLOCK-----
    xo0EUrsmqQED/2uxmE6D/HG057/OTy3Pdxlip5F92byq3/v1TN9HUcI9fEPt
    vKj1c6QNYIAJAW4vBKobvQnTVig1z8G1cwJo8dJz5irCnXbVbNif3saE32qE
    ImJC7B8EaWAxCnpxiWyjcg2aiA0mJBDLC2e0a67BRnb4i0oYJ0IYLkIfmW1g
    8YmXABEBAAHNMmJpdGNvbXNlYyByZXNlYXJjaGVyIDxiaXRjb21zZWNyZXNl
    YXJjaEBnbWFpbC5jb20+wpwEEAEIABAFAlK7JsMJEOw5JoZLxtEcAADKSQP/
    QNsiAjmj08qSpC1Dym20OjraZLI1n35A3EYTmaB1pOShPb0iUwkn2uQ9q1nU
    d0IBHK46tK8k2/mXwFzOOou474lvKY3O1mw+rzmKo1v+MeJJbBces0p1Sy3o
    pwK3jf6zAVbxlEdchcsGj4CnE7qwDAbTpXMsrdxaZu5LwCrV3ZM=
    =/OA9
    -----END PGP PUBLIC KEY BLOCK-----
     
I did not even look for this delirium, and send it to spam. Dut this crime did not stopped and write me personale message on this forum from user https://bitcointalk.org/index.php?action=profile;u=251055
 
Quote
    Hi Anton,
    I suggest you check your email.
    We need to talk.
    Time to return the bitcoins you have stolen.

After this messege, I was interested. I opened the links in first email, and read about him. He positioning hisself as an "Robin Hood" of the Internet, which "returning stolen cryptocurency". But this is not. This hackman founded my account in Vcontacte and get my ip. So why I telling thst he is an fraudster and extortionist:

1. How did he know my mail from the beginning? On specialized forums it is closed, to get it would be only by hacking the site (which incidentally observed in autumn on btcsec). Ie This fellow could be involved in breaking the forum. Another option receive mail -he could hack someone of fork pools, I used this mail on many of them. There he could also take my ip.... So he is still a crook.

2. From what he took that I "stole" the money? What the cryptocurrency system are now works by e-mail?  Grin Ie he is just a extortionist

Why am I writing all this - to ensure that such ghouls could not develop their resources "support" network, simply fooling people. And I ask the administration somehow punish member se[c].
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1563436821
Hero Member
*
Offline Offline

Posts: 1563436821

View Profile Personal Message (Offline)

Ignore
1563436821
Reply with quote  #2

1563436821
Report to moderator
pendalf2008
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
March 14, 2014, 08:45:19 AM
 #2

So. This man was not reassured. He find my home phone number, apparently from sites with resume for work or scientific articles. Does not matter. He called me and woke. I only hear that he and Andrew from "USA." And trying to speak wiyh "American" accent. If it is true  - for what he on his twitter yesterday searched the man speaking in Russian / Ukrainian?  Grin

I check my messages onforum and get next:     
Quote
   109.108.237.17 - - [11/Mar/2014:03:53:19 +0100] "GET /.git/config HTTP/1.1" 200 294 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1)
                  AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36"
    You made the mistake of accessing /.git/ from your real IP address.
    If you do not return the bitcoins you stole we will contact the authorities. We will expose you to the internet. And you will lose whatever anonimity you thought you had.
    Return the bitcoins and we will provide you cash reward.
    Do not be a thief. It will not pay off.
    I see you logged in. I see you read our messages.
    Now it is time to do the right thing.

If read this the git visiting is an big crime Grin. I dont now what he write in letter and what is that git. From git i dowlond onl apecoin sources, cgminer, mpos and stratum-proxy...
Another message:


Quote
    I read your posts on btcsec.com and although amusing I find it offensive you're putting me in the same bracket as you.
    Perhaps it is hard for you to understand. But SOMEONE be it you, or your neighbor, or someone in your home, USED your IP address to attack an exchange. I was hired by the exchange to do forensic work.
    In my research I discovered your IP address initiating the attack, and switching to a german VPS/VPN/PROXY.
    Your same IP lead to your username pendalf2008.
    And hence how I got the rest of your information.
    So, where do we go from here? Do you admit you stole the coins? Do you tell me who did in fact steal the coins FROM YOUR IP ADDRESS?
    Or do we contact authorities?
    Your move.

VPS / VPN / PROXY - this is how I understand the technology to ensure anonymity. So how he get my ip? From space maybe Grin
I answer to him:

Quote
    First at all, I will tell you why you a spammer:
    1. You dont telling the sum of "stolen" bitcoins
    2. You forgetting to tell adress on which thay was "stoled"
    3. Intersting, how could you "get the IP", if it switch VPS/VPN/PROXY, by your worlds? Lie again
    4. Etc...

    Dy Ukrainian laws your process of collecting my personal information is a hard crime. I will repost all this massages in themes, that I created on this forum and btcsec. And will create new theme in English branch. People must know about that you are crime...

On what in answer I get two messages

   
Quote
Anton,
    BTC: 13RdgpA5Tx24wgVran2xQ1ptm59ThZZpDC
    LTC: Lgo5u3FDnpZeBoZHQgb9Fud5QkKE7kbe4E
    Return stolen Bitcoin and Litecoins to the above addresses. And we will reward you for returning stolen coins.
    Stealing is never good.

and

   
Quote
You are trying really hard to sound convincing but here is the problem:
    We literally have logs of you attacking an exchange, stealing the money and logging back into the exchange to check random balances.
    Had you fucking responded to me from my first email we would have discussed the situation instead of you ignoring me and posting on BTCSEC. If you aren't involved in the hack, then clearly someone on YOUR IP ADDRESS did.
    So, with that being said your response is complete and utterly idiocy.

Here we already have an agression... I answer to him:

Quote
Again - you did not told two main components - on which btc adress was stolen bitcoins, and the summ.

This is not all reasons why I thinking that you a spammer. The first one is that I DONT KNOW ABOUT YOU SAYING. I DIDNT STOLE ANY bitcons or other coins from anywhere.

And I already have answer on this message:
Quote
Clearly someone used your IP to steal BTC. Either it was you, or your girlfriend, or your mother, or your neighbor. Someone FROM YOUR IP stole BTC.
Is this hard to understand? I posted logs of the attack into your thread since you seem so sure that I'm a spammer/scammer. How about you research who I am first. I run a security project for Bitcoin exchanges. I help exchanges recover stolen Bitcoins. I help exchanges fix security problems.
You're looking like a real idiot by claiming I am a scammer/spammer/whatever. I didn't ask you for your personal measily BTC. I asked for the BTC that was stolen FROM YOUR IP.
If you did not do it fine. Tell me who did it. Obviously you must know the person.
Check the attack logs. Check the IPs. It all POINTS TO YOU Anton.
So either work with me, or answer to authorities.

So now he told about some logs... I did not understand where he posted them, but this seems funny...
se[c]
Newbie
*
Offline Offline

Activity: 36
Merit: 0


View Profile WWW
March 14, 2014, 09:39:44 AM
 #3

For anyone interested in the actual story: https://bitcointalk.org/index.php?topic=513286.msg5689896#msg5689896

This newbie found a bug on an exchange from his home IP. Ends up stealing a decent amount of Bitcoins. I track him down and confront him. And now he is diverting attention by trying to distort my reputation.

He's sitting on a lot of Bitcoins, and we have his complete dox and logs to prove what he did. Now he's claiming that his wifi was probably cracked, or he has a trojan on his computer.

I don't think he realizes the extent of legal issues he's throwing himself into over greed.

Cheers.
Decentralized
Member
**
Offline Offline

Activity: 70
Merit: 10

Enterpreneur


View Profile
March 14, 2014, 09:46:56 AM
 #4

How many BTCs have he stolen? Just curious about it.

se[c]
Newbie
*
Offline Offline

Activity: 36
Merit: 0


View Profile WWW
March 14, 2014, 09:51:47 AM
 #5

Several hundred.

The exchange is willing to offer him a reward for returning the coins, and not forward his dox to authorities and not expose his complete identity. But apparently he'd rather run with the risk of riding this out. Until of course he gets raided. He thinks this situation is a fun game.

Going to sleep now.
pendalf2008
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
March 14, 2014, 12:30:33 PM
 #6

For anyone interested in the actual story: https://bitcointalk.org/index.php?topic=513286.msg5689896#msg5689896

This newbie found a bug on an exchange from his home IP. Ends up stealing a decent amount of Bitcoins. I track him down and confront him. And now he is diverting attention by trying to distort my reputation.

He's sitting on a lot of Bitcoins, and we have his complete dox and logs to prove what he did. Now he's claiming that his wifi was probably cracked, or he has a trojan on his computer.

I don't think he realizes the extent of legal issues he's throwing himself into over greed.

Cheers.
Ok. show here my dox and yours logs. But dont cut from logs the exchange on which you "works". Do it, or you can only telling "I heve your ip. You stole coins. Bla bla bla"?
se[c]
Newbie
*
Offline Offline

Activity: 36
Merit: 0


View Profile WWW
March 14, 2014, 07:16:22 PM
 #7

Lira,

I'm not impressed by your threats - especially when the the situation is clear as day that I've doxed a BTC thief, and the only thing I tried to do is motivate him to return the coins he has stolen.

I have done nothing whatsoever to indicate this is a scam. I am not looking for him to send me his measily satoshis, but rather, return the BTC he stole. That's the reality. I'm sure he will pay you nicely once he gets away with the steal. Which makes you an accomplice in this situation.

In any case I am done with responding. I will allow the Exchange to handle this through the authorities. Anton, I wish you luck. Hope you have a nice lawyer to help you through the legal situation.

Cheers!
11inches
Newbie
*
Offline Offline

Activity: 39
Merit: 0


View Profile WWW
March 14, 2014, 07:23:18 PM
 #8

Damn...what a crazy situation. Get some lawyers involved and the situation should resolve rather quickly.
pendalf2008
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
March 14, 2014, 08:26:43 PM
 #9

Lira,

I'm not impressed by your threats - especially when the the situation is clear as day that I've doxed a BTC thief, and the only thing I tried to do is motivate him to return the coins he has stolen.

I have done nothing whatsoever to indicate this is a scam. I am not looking for him to send me his measily satoshis, but rather, return the BTC he stole. That's the reality. I'm sure he will pay you nicely once he gets away with the steal. Which makes you an accomplice in this situation.

In any case I am done with responding. I will allow the Exchange to handle this through the authorities. Anton, I wish you luck. Hope you have a nice lawyer to help you through the legal situation.

Cheers!

The reality is that you only told that i "stole" some coins, but dint told from where, didnt told to what wallet. Everything you told - is my IP, that you could take from many places, which was hacked (etc btcsec.com). My ip is dinamic, but it does not changed if I pay for Internet in time. And it does not changed from aughtm. Where is the proves that my ip have any attitude to your "myphic" crime? Your logs in theme is nothing, becouse there are no link to "hacked" exchange. This is first. The second thing, is your call to me today. You speek russian whithout any akcent whith my relatives, and try to spoke with "english" akcent to me. After that you are not a scammer? I will write to our police and we will find you phone number. Dont worry, I will find you, if there be no war in Ukraine...

And the main thing from another. Why yours myphic "exchange" do not write first  to my mail? This quetion is so obvious, that I do not asked it first at all. You telling me that "hack was made from my account", and to whom this exchange must write first at all?

So the resume is - you are a lier, scammer and fraudster
se[c]
Newbie
*
Offline Offline

Activity: 36
Merit: 0


View Profile WWW
March 14, 2014, 08:59:24 PM
 #10

Anton,

It's obvious I can not mention the exchange because they have not given me permission to reveal it.

As for your IP it was obtained from Apache logs on the exchange. This should be obvious as well considering I posted the logs in your first Russian thread.

It should also be obvious that I am not trying to scam you. There is no scam here. Either you're really stupid, or you're playing a very good game publicly to deflect your guilt.

Either you stole the BTC or you didn't. If you did, return them and thats the end of the story. If you didn't then you need to seriously figure out how your IP address was used to commit a crime. Do you understand this? I wish I studied Russian in school so I can best convey to you exactly what's going on but apparently we are having an issue of miscommunication.

Any Russian/English speakers want to translate to him what I am saying to help him understand what is going on?

You are a member of an exchange that was hacked. Your IP, the same IP used to log into your 'pendalf2008' account was used to steal BTC. The IP, UserAgent and login times all match and point to you. Is this hard to understand? This is a clear indication you either did it, know who did it, or someones putting a lot of effort into framing you.

If it wasn't you, then work with me to figure out who did it. But screaming and crying SCAMMER about someone who has provided you research and logs isn't a smart move. It also doesn't help and or look legit when you have your friends on the forum defending you as well. It simply looks like you are all apart of the plot.

At the end of the day, I don't care for this melodrama. I really don't. I was hired to track down the attacker. And it points to you.

To answer your questions:

"And the main thing from another. Why yours myphic "exchange" do not write first  to my mail?"

Because they had asked me to get involved. I sent you the initial emails to hopefully awaken you from the dream that you would get away with the attack.

"You telling me that "hack was made from my account", and to whom this exchange must write first at all?"

I don't get your question. But the exchange will not be revealed yet. And the account username is pendolf2008. I also provided the IP addresses in the other thread and in emails.

If you have any questions email me and we can discuss it, or message me here. Or answer your phone when we call you. That's pretty much that.

PrintMule
Hero Member
*****
Offline Offline

Activity: 868
Merit: 500


One of the world's leading Bitcoin-powered casinos


View Profile
March 18, 2014, 03:04:17 PM
 #11

Just leave some negative trust rating for this guy, if you're sure that he's a possible scammer.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!