SCAM EXCHANGE: Openchange (Openchange.cash) (PARTIALLY SOLVED)

[stompix]

I love how they are digging the grave deeper and deeper with such explanations:

Since the user did not provide any evidence of using ChipMixer, we have every reason to believe that the funds were stolen. Refusal to provide additional information confirms this. Many times, such freezes allowed the thieves to be stopped and the funds returned to the rightful owners.

Read carefully, at the moment the user has received the full amount.
We are not engaged in investigating theft or finding the rightful owner, this is what the crypto exchange is doing.

So exchanges down where you are acting like both police, lawyers, prosecutors and court orders and return the money to the victims based on what? The picture id? How where have victims reimbursed you just released flagged money?

FACTS:
-you took the money from the person who opened this scam accusation
-both you and best exchange claimed you're a company following AML rules and you froze the funds because you followed AML regulations
-suddenly we find out you're not a company, you have no license to operate, and you're no money transmitter so you're whole existence defies AML regulations and FATF rules
- despite the funds being flagged as stolen 100%, despite the user not going through any KYC, you forgot everything about AML regulations, you accepted knowingly stolen funds and you released the exchange for a 10% money laundering fee

In what alternative reality is anything you have done legally...

I want to stop this discussion.

Of course, you do, there is no sane explanation that even a kid would buy for what you did

Just to make things clear:
If you would have frozen the funds, announced the authorities, informed the user of the case that might be opened against him, and offered him a chance to claim his funds back if the prosecutor would refuse any criminal charge against him, that would have been understandable.
You taking 10% because some script says so and telling us this is the law, this is bullshit!

[1714247885]

1714247885

[1714247885]

1714247885

[BitcoinGirl.Club]

Just wondering, if user bother to provide evidence they use ChipMixer (or other mixer),

Tracing back an input if I find an address has 0.xxx bitcoin then it could consider that it came from chipmixer since their minimum amount is 0.001 BTC with 0.001 BTC increments. But a single bitcoin user can create the same cheap and then spend it which will look like they are coming from chipmixer. Ideally, there are no valid way which will find out 100% that it came from Chipmixer.

Off - topic: Has anything wrong with ChipMixer clearnet?

Due to recent events ChipMixer is available only on Tor network.

[n0nce]

Changed circuit for joxi dot net, and it loaded normally. But, thanks.

So, in summary, the AML report:

- shows the TX ID.
- shows the amount of bitcoin that is deposited to openchange dot cash, may I assume?
- shows groups of risk score.
- shows that the risk score of that transaction is 94.9%, with no explanation.
- colors it red.
- somehow concludes it's de facto stolen.

Perhaps, a little explanation might clear up the situation. You're likely going to get a feedback of the same color, though.

I find it hilarious that they wave around some random 'tainting service database website' evaluation as if it was definitive proof of anything.
This is so unprofessional - either the people behind OpenChange are clueless of how all of this works or they are actually malicious. In both cases definitive signs of a service to avoid.

I don't have to explain why such a website link is no proof of anything. But just to reiterate: anyone can set up a little web server that does basic parsing of transactions and give them some random score. For all we know, such blockchain analysis can be (and often are confirmed to be) close with governments and other authorities; meaning they can directly censor people if we accept such websites' opinions as truth.

Most probably in this case, they flag anything that looks like it comes from ChipMixer as '95% risk' or whatever. I will check later with a ChipMixer withdrawal. Even if someone tumbled stolen coins through CM, there would be no way to return those funds to the legitimate owner, so there is no legit use in freezing them.
To OpenChange; if you're reading this: if the exchange you work with, uses such explanations to steal your funds; and then you try to pass these costs on to your customers, I'm sorry, but you're the stupid party in this business relationship. Your customers know that all this 'tainting talk' and 'risky transactions' is bullshit. Like: how is a Bitcoin transaction risky for you? It's the most irreversible way of transfering money; you got your coins, you're done. No amount of 'alleged risk' will result in an actual risk to your company.

FACTS:
-you took the money from the person who opened this scam accusation
-both you and best exchange claimed you're a company following AML rules and you froze the funds because you followed AML regulations
-suddenly we find out you're not a company, you have no license to operate, and you're no money transmitter so you're whole existence defies AML regulations and FATF rules
- despite the funds being flagged as stolen 100%, despite the user not going through any KYC, you forgot everything about AML regulations, you accepted knowingly stolen funds and you released the exchange for a 10% money laundering fee

This is the bullshit that results when people come into Development & Technical Discussion (or 'Wallets'?) and ask about 'Bitcoin APIs' for buying and selling BTC. I have seen this more than twice in the last 9 months and just from the way those questions are written it becomes clear the guys who build this type of stuff are totally incompetent.
I am not sure if the threads have been deleted or if I just can't find them right now, but I'll link them later.

[FatFork]

So, in summary, the AML report:

- shows the TX ID.
- shows the amount of bitcoin that is deposited to openchange dot cash, may I assume?
- shows groups of risk score.
- shows that the risk score of that transaction is 94.9%, with no explanation.
- colors it red.
- somehow concludes it's de facto stolen.

Perhaps, a little explanation might clear up the situation. You're likely going to get a feedback of the same color, though.

I find it hilarious that they wave around some random 'tainting service database website' evaluation as if it was definitive proof of anything.
This is so unprofessional - either the people behind OpenChange are clueless of how all of this works or they are actually malicious. In both cases definitive signs of a service to avoid.

I don't have to explain why such a website link is no proof of anything. But just to reiterate: anyone can set up a little web server that does basic parsing of transactions and give them some random score. For all we know, such blockchain analysis can be (and often are confirmed to be) close with governments and other authorities; meaning they can directly censor people if we accept such websites' opinions as truth.

Most probably in this case, they flag anything that looks like it comes from ChipMixer as '95% risk' or whatever. I will check later with a ChipMixer withdrawal. Even if someone tumbled stolen coins through CM, there would be no way to return those funds to the legitimate owner, so there is no legit use in freezing them.

It appears that they use the AMLBot API to check for "tainted" or "high risk" coins, but I can't verify these results because it's a paid service.
According to the website, AMLBot is operated by AML CORPORATION LIMITED, UK

To OpenChange; if you're reading this: if the exchange you work with, uses such explanations to steal your funds; and then you try to pass these costs on to your customers, I'm sorry, but you're the stupid party in this business relationship. Your customers know that all this 'tainting talk' and 'risky transactions' is bullshit. Like: how is a Bitcoin transaction risky for you? It's the most irreversible way of transfering money; you got your coins, you're done. No amount of 'alleged risk' will result in an actual risk to your company.

I definitely agree with this. Judging by all of the above, OpenChange should be flagged for illegal misappropriation of user funds and avoided at all costs.

[YOSHIE]

you all took his side. I absolutely don't understand why. Who can explain to me?

We don't side with: OP, we just want to help and solve the problem between @Janyiah201 and @OpenChange/you.

About 10% fee:
Many times we have lost and frozen our own funds due to users sending high risk funds. Questions about these transactions appear after we complete orders. You can't even imagine how much money was lost due to users like this one. This is our rule. If some user does not agree with our rules, he can use another exchanger.
Since the user did not provide any evidence of using ChipMixer, we have every reason to believe that the funds were stolen. Refusal to provide additional information confirms this. Many times, such freezes allowed the thieves to be stopped and the funds returned to the rightful owners.

There are some inconsistencies I see here.
If you are part of the OpenChange exchange team, I think your words are too much for users of mixed companies like Mixer, you equate all users who use mixed services with the case experienced by: @Janyiah201, you guys think all crypto transactions coming from companies mixed with stolen coins, this is really overkill.

@Janyiah201, already explained here, that he doesn't steal, and he does some AML and KYC Verification, which you requested, Of course any user object, if the Verification carried out exceeds the limits of the KYC rules.

After receiving enough confirmations they changed order status to "Mistake" and accused me of trying to money launder stolen funds. According to their AML bot funds that I have sent are stolen. I have tried to explain them what Chipmixer is and it was a waste of time. They keep insisting on:"Risk of your transaction - Stolen 100.00%".

Conversation was going on inside their internal "messages" and now I can't find all that they asked me to refund me, but it was from source of funds, who sent me, conversations and screenshots, can't even remember everything and in the end KYC (ID, selfie, etc), but most of what they asked I couldn't provide even if I wanted to. It's the first part about source, who, how, links, transactions, conversations, crazy.

I looked at the AML and KYC Verification rules, which OpenChange/you guys are running.

7. AML and KYC verification.
7.1 The Company conducts AML and KYC verification of Payin transactions according to its own algorithms.
7.2 AML and KYC verification includes the use of specialized services for analyzing cryptocurrency transactions for the presence of funds that have high risks for the Company. These risks include Dark Service, Dark Market, Illegal Service, Exchange Fraudulent, Scam, Stolen, Gambling, Mixer, Ransom, Sanctions, Child Exploitation and Terrorism Financing.
7.3 If the analysis of the Payin transaction revealed the presence of these types of high-risk funds and their total percentage was 40% or more, the Company has the right to withhold 10% of the amount of the incoming transaction.
7.4 If the total risk of the incoming transaction is 70% or more, the Company has the right to withhold 10% of the amount of the Payin transaction.
7.5 The Company has the right not to inform the User about the deduction of 10% of the amount of the Payin transaction.
7.6 The user has the right to receive the results of the audit and/or independently verify the correctness of the risk assessment.
7.7 Payin transactions are verified by AML and KYC by Cryptocurrency exchanges.
7.7.1 If a high risk of an Payin transaction is detected and/or if outgoing wallets are involved in illegal activities, the received funds may be frozen.
7.7.2 To unfreeze funds, documents may be required to verify the identity of the sender and information explaining the source of origin of the funds sent.
7.7.3 If the sender provides comprehensive information upon request, the funds can be unfrozen by the exchange, credited to the account of the Company and the Order will be completed.
7.7.4 Realizing that the verification requirement is not from the Company, but from the Cryptocurrency Exchange, the User undertakes to wait for a decision on verification and not to make a claim against the Company.

openchange.cash

Some points I see, openchange.cash implements AML and KYC Verification, burdensome one party/user of openchange.cash service.

Warning;
From the data I see, I dare to conclude, anyone who uses mixed services such as Mixer, etc., including gambling, like the data above, be careful making transactions to the openchange.cash service, high risk, you can end up as experienced by: @Janyiah201, use an exchange service which is not high risk for you and read all their rules before doing it.

[DireWolfM14]

I find it hilarious that they wave around some random 'tainting service database website' evaluation as if it was definitive proof of anything.
This is so unprofessional - either the people behind OpenChange are clueless of how all of this works or they are actually malicious. In both cases definitive signs of a service to avoid.

I don't have to explain why such a website link is no proof of anything. But just to reiterate: anyone can set up a little web server that does basic parsing of transactions and give them some random score. For all we know, such blockchain analysis can be (and often are confirmed to be) close with governments and other authorities; meaning they can directly censor people if we accept such websites' opinions as truth.

Most probably in this case, they flag anything that looks like it comes from ChipMixer as '95% risk' or whatever. I will check later with a ChipMixer withdrawal. Even if someone tumbled stolen coins through CM, there would be no way to return those funds to the legitimate owner, so there is no legit use in freezing them.
To OpenChange; if you're reading this: if the exchange you work with, uses such explanations to steal your funds; and then you try to pass these costs on to your customers, I'm sorry, but you're the stupid party in this business relationship. Your customers know that all this 'tainting talk' and 'risky transactions' is bullshit. Like: how is a Bitcoin transaction risky for you? It's the most irreversible way of transfering money; you got your coins, you're done. No amount of 'alleged risk' will result in an actual risk to your company.

It does bring up the question as to why exchanges are relying on third parties to define tainted vs. clean bitcoin.  Who gave these third party companies the authority to decide other than the exchange, and why do these exchanges think they're entitled to break the law based on some random third party's claims?

If Openchange was operating in the US, they would have their asses handed to them in their own hat for pulling this kind of shit.  The AMLbot they purport to be using is registered to a company that's based in the UK.  The UK must have some laws that protect consumers' funds from being frozen by rogue financial services.  It seems that if the OP decided to sue, the company behind AMLbot could be held liable for providing misleading, or downright false information.

It's starting to look like any exchange that contracts with a third-party AML "authority" is only doing so to shift blame when they decide to abuse their power.  

[n0nce]

you all took his side. I absolutely don't understand why. Who can explain to me?

We don't side with: OP, we just want to help and solve the problem between @Janyiah201 and @OpenChange/you.

The problem was resolved. Due to public pressure, they gave in and returned the missing 10%, as they stated earlier. It doesn't make them seem any more legit / trustable as business partners though, since if the funds were indeed as 'super duper for sure stolen' and 'going to be returned to righteous owners'; they wouldn't/shouldn't have returned anything; neither 90%, nor 100%, no matter how much public pressure. However, the fact that they did return the funds to Janyiah201 confirms they know just as well as us that there is no way to tell if CM funds are stolen or not.
Just tried to scam over the wrong person (a Bitcointalk user)..

Warning;
From the data I see, I dare to conclude, anyone who uses mixed services such as Mixer, etc., including gambling, like the data above, be careful making transactions to the openchange.cash service, high risk, you can end up as experienced by: @Janyiah201, use an exchange service which is not high risk for you and read all their rules before doing it.

Amen to that! This is the reaction I want to see from customers / Bitcoin users. If a service comes up with some arbitrary, hilarious money laundering / stealing accusations, do not give in; stop using this service. Having to give a bank all your personal information, letting wallets track your every transaction and letting other people decide if you're allowed to spend your coins or not, are exactly the things Bitcoin was made to destroy. That's why we keep saying this behavior shown by 'Bitcoin companies' is actually 'anti-Bitcoin'.

[Poker Player]

I doubt if Support OpenChange is going to come back here, but just in case he does, I would like to ask him a question.

I can understand that the legislation of the country where you are located does not oblige you to put information about the company on the website, apart from the email you put. Another thing is that if I am fine with that legislation.

But it is inconsistent to ask for KYC documents while you do not expose anything about your company.

Can you give some more information about your company?

One thing is that the legislation does not oblige you, but it does not forbid you to share information about your company. Not sharing anything makes us think that the company simply does not exist, that it is not legally registered.

Besides, I agree with most of the things that have been commented here. For example, keeping 10% of funds that you consider stolen says a lot about you, and about the supposed legality of your actions.

[dkbit98]

1. Would you allow that user to use OpenChange?
2. What proof do you accept? Screenshot of their browser?

That are good questions and I would like to see openchange answering on them, but in reality this magical AMLbot can one time flag address coming from CM as high risk, second time as medium risk, and third time as low risk... it's like lottery.
There are some free tools for testing this and last time I tested them it was giving medium risk for most coins coming from exchanges like Binance.
Now we don't have proof that openchange is using Binance and WhiteBIT but they claim they are using this two exchanges.

Just tried to scam over the wrong person (a Bitcointalk user)

Let me play evil advocate here...
What happens if they only have multiple accounts at Binance exchange, and they really received warning and frozen funds by Binance.
They could easily prove this by showing us screenshot from that message and this would stop all speculations.
My question is what happens with those (unclean) coins that are now mixed with supposed clean coins, and how can anyone separate ''clean'' from ''unclean'' coins?
It's ridiculous concept  

[Support OpenChange]

I would like to see a more detailed analysis to see how they justify their conclusions.

http://joxi.ru/ZrJoxGqCQ4v9pm

If there's a chance for the funds to be "high risk", why can't the user first confirm they aren't and move onto depositing to your exchange right after?

Maybe we will add this feature in the future

Can you shed any light on where you decided to use a 10% figure confiscating user funds? I mean, why not raise your percentage to 50%, 100% or even drop it to 5% or zero?

We relied on statistics

Just wondering, if user bother to provide evidence they use ChipMixer (or other mixer),
1. Would you allow that user to use OpenChange?
2. What proof do you accept? Screenshot of their browser?

The crypto exchange demanded to block this client.
All possible evidence, including screenshots, is accepted for confirmation.

As I said before perhaps we will revise our rules regarding AML and additional fees.

[LoyceV]

I would like to see a more detailed analysis to see how they justify their conclusions.

http://joxi.ru/ZrJoxGqCQ4v9pm

Allow me to embed the image from another host:

So, you're saying the funds came from a hack 5 transactions and 8 years ago. Without verifying the chain evidence, even if this is correct, it makes no sense to blame the current owner of the funds. Just like someone can't be blamed if they received dollar bills that were previously stolen.
Luckily, the funds now moved to the address of a large exchange, so it's at 7 transactions now and completely clean, right? Don't you see none of this makes any sense?

I can understand that the legislation of the country where you are located does not oblige you to put information about the company on the website, apart from the email you put. Another thing is that if I am fine with that legislation.

But it is inconsistent to ask for KYC documents while you do not expose anything about your company.

Allow me to emphasize this again:

It doesn't worry you that an anonymous entity demands people to share their legal documents? It worries me! I'm okay with legit companies following the law in the country they're registered in. I'm also okay with totally anonymous services that solely rely on their reputation.
But I'm not okay with anonymous entities cherry picking which rules do or don't apply to them.

@Support OpenChange: Pick a side

[saxydev]

@loycev it is definetly same owner as the cryptsy hack, i sent the address yesterday to blackhatcoiner as PM, same as the one opensea posted from that scam aml service, the funny part is that this aml bot opensea uses it is considered by most people who work in aml in crypto as a scam. but the result is the same as the one i have.

[aew]

This  story is Already over but signature spammers keep raising it. I'm surprised the exchange still paid 90% a reputable exchange will never pay back a dime after the OP admitted to laundry his coins at  mixing sites.

Guys I mean signature spammers you guys keep repeating same this again  and again and talk about stupid things

I surprised also those signature patrons pays for such posts .

[BlackHatCoiner]

@loycev it is definetly same owner as the cryptsy hack

If it's "definitely" the same owner, prove me how transaction - 1e7c498469369e90dfdd0c8258c6aa5325661553f441a2c6897d93b210f8ef67 - which spends supposedly stolen funds of 2014, has a direct correlation with transaction - 1f393532c18ac21a21b17ea890579a6d071f008400b2c73ced357cd59fe194d3 - wherein I only see some (conceivably) ChipMixer's chips being spent.

This  story is Already over

It might be over for pro-censorship folks like you, but those who wear this signature appear to be more delicate to privacy invasion, customer extortion for personal data, treating bitcoin as non-fungible and confiscating funds arbitrarily - generally, for breaking the law. Thanks.

[o_e_l_e_o]

2. What proof do you accept?

The only proof which should be needed is to point out that the coins are very clearly from ChipMixer, which anyone who spends two seconds looking at the transaction can clearly see due to their unique chip funding transactions. To still state the coins are "stolen 100%" after you know they have been mixed means you either don't understand bitcoin at all or you are actively trying to scam.

@loycev it is definetly same owner as the cryptsy hack

What are you saying? That OP, who withdrew that chip from ChipMixer, also made the deposit which created that chip? Despite the chip being created almost 3 months before OP used it? And your proof of that is what?


Also worth pointing out that AMLBot is also used by Antinalysis, which as I've pointed out in another thread, flags lots of coins from large centralized exchanges such as Binance as similarly tainted. Its analysis is worthless. This is also evidenced by the fact that it thinks coins which were stolen 8 years ago, have moved 5 times, and have been mixed, are still "100%" in possession of the same user, which is utter nonsense.

[saxydev]

No, you both get it wrong, first you don't have to look for a direct connection between those 2. I don't say the sender has to do something with criptsy or chipmixer at all. The bitcoin is directly originated from the criptsy hack in such a way that the coins received at the end by open sea are directly originated from that hack/stolen, also the model of the txo's reflects that chipmixer was used. It goes even more complicated because the exchange has no matter if the mixer was used or not. This transaction is a clear example why mixers can do a lot of harm.
But, I won't trust this exchange only because it uses that AMLbot (btw russians) which is a scam.

[BlackHatCoiner]

The bitcoin is directly originated from the criptsy hack in such a way that the coins received at the end by open sea are directly originated from that hack/stolen

What does opensea has to do with this case? Answer us how are the funds from criptsy hack correlated with the OpenChange depositing transaction.

also the model of the txo's reflects that chipmixer was used.

But, it doesn't prove it, unless ChipMixer provide us a signed message from these outputs, stating that it does. I can create 10 outputs, each funded by 0.256 BTC, and make you believe it's theirs, by the same reasoning.

It goes even more complicated because the exchange has no matter if the mixer was used or not.

If the exchange "has no matter" for mixer usage, why does it forbid it in their terms of use?

7.2 AML and KYC verification includes the use of specialized services for analyzing cryptocurrency transactions for the presence of funds that have high risks for the Company. These risks include Dark Service, Dark Market, Illegal Service, Exchange Fraudulent, Scam, Stolen, Gambling, Mixer, Ransom, Sanctions, Child Exploitation and Terrorism Financing.

This transaction is a clear example why mixers can do a lot of harm.

This particular case is a good example of why taint analysis can do a lot of harm.

But, I won't trust this exchange only because it uses that AMLbot (btw russians) which is a scam.

AMLbot is designed to do one thing; taint coins in a subjective manner. That's the real scam.

[n0nce]

No, you both get it wrong, first you don't have to look for a direct connection between those 2. I don't say the sender has to do something with criptsy or chipmixer at all. The bitcoin is directly originated from the criptsy hack in such a way that the coins received at the end by open sea are directly originated from that hack/stolen, also the model of the txo's reflects that chipmixer was used. It goes even more complicated because the exchange has no matter if the mixer was used or not. This transaction is a clear example why mixers can do a lot of harm.
But, I won't trust this exchange only because it uses that AMLbot (btw russians) which is a scam.

The issue with your line of thought is that you assume if we flag coins as stolen, they will be returned to the legitimate owner. These funds have moved hands so many times over so many years and evidently also gone through a mixer that it's impossible to now ask the 'last owner' of said funds to return them. It's also nothing that ever happened; instead it's used as an argument to just confiscate funds. In this case, they were sent to an exchange's main address and jumbled together with all other deposits. So they don't actually care about returning funds to victims of theft, but simply keep them to themselves.

[JollyGood]

One thing I noticed from the Open Change representative was a clear lack of understanding exactly how serious this matter is. They have not really done themselves any favours by saying they have returned the stolen 10% of the funds to OP therefore the matter is closed. Their shady business practices ensure the matter cannot be closed on whim or their say-so.

I agree, Open Change should be avoided at all costs because there is a serious risk of them users having funds stolen.

To OpenChange; if you're reading this: if the exchange you work with, uses such explanations to steal your funds; and then you try to pass these costs on to your customers, I'm sorry, but you're the stupid party in this business relationship. Your customers know that all this 'tainting talk' and 'risky transactions' is bullshit. Like: how is a Bitcoin transaction risky for you? It's the most irreversible way of transfering money; you got your coins, you're done. No amount of 'alleged risk' will result in an actual risk to your company.

I definitely agree with this. Judging by all of the above, OpenChange should be flagged for illegal misappropriation of user funds and avoided at all costs.

[P2PECS]

I personally would not do business with them, as it is all nonsense. They are supposed to have been in business for many years? I don't know if they started implementing these rules on apparently stolen funds recently or it was the exchange they work with but the explanations they give don't make much sense.