Bitcoin Forum
December 12, 2017, 07:36:50 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: EgoPay servers compromised? Sending fake transactions to merchants  (Read 8690 times)
BitMarket.pl
Newbie
*
Offline Offline

Activity: 7


View Profile
December 28, 2014, 12:56:51 PM
 #1

I am sorry if this is a wrong forum to post this, but I couldn't find a better one. The matter is urgent and since EgoPay is one of the most popular payment methods connected with bitcoin trading, I think it is vital that the whole community is aware what is happening.

This morning we received several transaction notifications from EgoPay via merchant API. These notifications were posted from the usual IP adress of Egopay (95.211.120.119) and were verified correctly by the SCI callback to the www.egopay.com server. However, the funds from these transactions were not added to our wallet. The transactions have very similar IDs, for example ZYYYXL-CLB1B2-AB93GV and ZYYYXX-WHQJNB-E2HQ1S, which is also suspicious because normally the IDs of the transactions are very different.

It looks that someone has hacked EgoPay servers and is/was sending fake transactions to merchants. We suspect this because (a) the notifications come from the IP address of EgoPay server and (b) the transactions were verified correctly by the callback to EgoPay server.

We have double-checked everything on our side and our scripts were not compromised (which was verified by comparing checksums of all scripts). We are posting this information here for all merchants using EgoPay because this matter is very serious and we haven't heard anything from the EgoPay support team so far.

We suggest that anyone having an EgoPay account change their password immediately, and any merchant using EgoPay as a method of payment disable it until we hear the explanation from EgoPay about this incident.
1513064210
Hero Member
*
Offline Offline

Posts: 1513064210

View Profile Personal Message (Offline)

Ignore
1513064210
Reply with quote  #2

1513064210
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513064210
Hero Member
*
Offline Offline

Posts: 1513064210

View Profile Personal Message (Offline)

Ignore
1513064210
Reply with quote  #2

1513064210
Report to moderator
Bitcoinpro
Legendary
*
Offline Offline

Activity: 1218



View Profile
December 28, 2014, 01:03:57 PM
 #2

its the right place to be posting

WWW.FACEBOOK.COM

CRYPTOCURRENCY CENTRAL BANK

LTC: LP7bcFENVL9vdmUVea1M6FMyjSmUfsMVYf
BitMarket.pl
Newbie
*
Offline Offline

Activity: 7


View Profile
December 28, 2014, 06:54:13 PM
 #3

Now it looks like the whole EgoPay merchant callback server is down. Any attempts to verify transaction callbacks result in "404 Not Found" error from the EgoPay server. Looks like they became aware that their server has been hacked and disabled it. Still no response from their support team. This starts looking serious.
AgentofCoin
Legendary
*
Offline Offline

Activity: 1092



View Profile
December 28, 2014, 07:23:29 PM
 #4

I was wondering when the hackers were going to hit things like Egopay, PerfectMoney, etc.

I support a decentralized & unregulatable ledger first, with safe scaling over time.
Request a signed message if you are associating with anyone claiming to be me.
talk2bit
Newbie
*
Offline Offline

Activity: 1


View Profile
December 29, 2014, 07:14:26 AM
 #5

you're not alone in this situation.

I think we should unite and push EgoPay for it's shit security and get our losses recouped by EgoPay or ruin their reputation.

I wonder how much did you lose in the end?

did you check each transaction in EgoPay system before commiting auto-payment to hackers?
BitMarket.pl
Newbie
*
Offline Offline

Activity: 7


View Profile
December 29, 2014, 10:58:15 AM
 #6

Quote from: talk2bit
you're not alone in this situation.
I think we should unite and push EgoPay for it's shit security and get our losses recouped by EgoPay or ruin their reputation.

We are giving EgoPay another 24 hours to make appropriate amends in this situation before we go public high profile. I chatted briefly with Mr. Arthur from EgoPay on Skype this morning and I am awaiting his detailed response.

Quote from: talk2bit
I wonder how much did you lose in the end?

We would like not to disclose our losses publicly at this moment. They are not a threat to our company financial situation, but they are serious enough for us to pursue all kinds of actions if necessary.

Quote from: talk2bit
did you check each transaction in EgoPay system before commiting auto-payment to hackers?

To verify transactions we used the code in EgoPaySci.class.php which they have available for download. Their transaction server was hacked, so the transactions were reported as valid by their API server.
eCoin.eu
Hero Member
*****
Offline Offline

Activity: 824



View Profile WWW
December 30, 2014, 09:29:44 AM
 #7

We confirm, that EgoPay was hacked, all that wrote bitmarket.pl did happen to us as well, but as the identifications of payments were similar, our security system let through only 2 transactions and the other ones were blocked automatically. After checking we contacted EgoPay and till now have no response...

eCoin.eu is a trading platform/system for crypto-currency such like: Bitcoin and Litecoin with many advanced features including buy, sell and exchange.
GÜNther.Danish
Full Member
***
Offline Offline

Activity: 122


View Profile
January 04, 2015, 06:24:08 AM
 #8

We confirm, that EgoPay was hacked, all that wrote bitmarket.pl did happen to us as well, but as the identifications of payments were similar, our security system let through only 2 transactions and the other ones were blocked automatically. After checking we contacted EgoPay and till now have no response...

how do you confirm? i'm curious
WMIRK
Full Member
***
Offline Offline

Activity: 166


View Profile WWW
January 09, 2015, 02:28:55 PM
 #9

This is a really serious problem!

https://easybit.pro - быстро и надежно купить/продать биткойн по выгодной цене!
goldux
Newbie
*
Offline Offline

Activity: 9


View Profile WWW
January 13, 2015, 07:32:50 PM
 #10

We can confirm also the same. Problem is that EgoPay is not responding to our emails, skype contact is offline so there is no way to contact them. What happened more is that Egopay has frozen 90% of our funds. They created new wallet 'Frozen wallet' and moved 90% of our funds into it. We cannot now spend it anymore.

It looks very suspicious now, still waiting what will happen next.

Goldux.com Admin

GOLDUX.com - BTC <> PM, OKPay, STP, Payza, LTC
mayax
Legendary
*
Offline Offline

Activity: 1064


View Profile
January 15, 2015, 06:36:46 PM
 #11

it is confirmed. Egopay was hacked and then the owners ran with the money. they are saying that the management is changing just to earn some time.

millions are missing. very curious why only a part of their exchangers came to public until now. I think they are still hoping to get some funds back from Egopay but NO chance . Smiley
richana
Jr. Member
*
Offline Offline

Activity: 46


View Profile
January 16, 2015, 11:32:52 AM
 #12

I am a user of both EgoPay and of the bitcoin exchange Virtex.com which is also owned by Egopay founder Tadas Kasputis (who started it with fellow Lithuanians Paulius Meskauskas, Tomas Andzelis and Mantas Gustys.)

For the past ten days I've been unable to get any funds out.  Both my fiat withdrawal requests and my BTC withdrawal requests are stuck, and support staff is completely silent. However, at the moment Virtex is still active and trading: But just not paying any funds out to its victims.
mayax
Legendary
*
Offline Offline

Activity: 1064


View Profile
January 16, 2015, 01:46:49 PM
 #13

I am a user of both EgoPay and of the bitcoin exchange Virtex.com which is also owned by Egopay founder Tadas Kasputis (who started it with fellow Lithuanians Paulius Meskauskas, Tomas Andzelis and Mantas Gustys.)

For the past ten days I've been unable to get any funds out.  Both my fiat withdrawal requests and my BTC withdrawal requests are stuck, and support staff is completely silent. However, at the moment Virtex is still active and trading: But just not paying any funds out to its victims.


Virtex.com is hacked too and they won't pay anybody...
IP_CAM
Newbie
*
Offline Offline

Activity: 1


View Profile
January 21, 2015, 04:53:29 PM
 #14

We can confirm also the same.
It looks very suspicious now, still waiting what will happen next.
Goldux.com Admin

One single Thing, I will never understand.

How in the World would an honest Business keep it's Founds in a fully unknown Wallet, at a fully unknown Address, exept for an url, registrered to a fully unnkown, hidden, individual, With NOTHING on their Website, informing about anyting valuable or simply usable, and expecting such a place to be a trustworthy Business Partner Huh

Are you Fellows all plain Nut's or something? Or simply blind, hampered by silly Expectations of getting rich quick?

Must be a really sick World, outthere, somewhere, in the Bitcoin Territory. There is just no other way to explain such behaviour. Sorry...

Goldux Admin:
Why do you still have all EgoPay Links active on your Website, are you affraid of getting nothing back, in Case, something is still around?

Or then, I imagine, you are out of problems !?
goldux
Newbie
*
Offline Offline

Activity: 9


View Profile WWW
January 21, 2015, 07:43:49 PM
 #15

Goldux Admin:
Why do you still have all EgoPay Links active on your Website, are you affraid of getting nothing back, in Case, something is still around?

Or then, I imagine, you are out of problems !?

Just few words to your post. Why do you think that address or phone contact is so important? Lets take look at one example: MtGox, they did have address, phone number, physical building, and so what? Did not people lost everything there, including us? Address on website means nothing. It will not protect your money.

We will not remove EgoPay links while EgoPay is still here. Some of pending payments were completed, so there is still activity.
Once they close website down, we will permanently delete all EgoPay links. Until then we wait and see what will be the next steps of EgoPay.

GOLDUX.com - BTC <> PM, OKPay, STP, Payza, LTC
Bejkn
Full Member
***
Offline Offline

Activity: 221


View Profile
January 23, 2015, 08:39:57 AM
 #16

there seems to be no safe place
richana
Jr. Member
*
Offline Offline

Activity: 46


View Profile
January 23, 2015, 11:12:45 AM
 #17

Indeed, there does seem to be still some SELECTIVE activity by EgoPay and Virtex. They pay their friends, and those they want to keep quiet. And somehow the worst part of the situation is that they themselves are quiet: They do not communicate to anyone what is going on. There is no way to contact them. And support requests remain unanswered.

All the hallmarks of thieves and scammers that should not be trusted. Not now, not forever.

(Sorry if I sound bitter, but I am one of the many who have lost money with Egopay's Virtex.com scheme and who is still waiting for payment)
cozytrade
Sr. Member
****
Offline Offline

Activity: 352



View Profile
February 04, 2015, 09:11:05 AM
 #18



Sorry what exactly is  "Egopay's Virtex.com scheme" you mentioned?


(Sorry if I sound bitter, but I am one of the many who have lost money with Egopay's Virtex.com scheme and who is still waiting for payment)


                   ▄▄▄▄▄
            ▄▄███████████████▄▄
         ▄███████████████████████▄
       ▄██████████████████▀ ▀███████▄
     ▄██████████████████▀    ▄████████
    ██████████████████▀    ▄███████████▄
   ██████████████████    ▄██████████████
  ████████████████ ▀██▄   ▀██████████████
  ███████████████▄   ▀██▄   ▀████████████
 ▐████████████▀ ▀██▄   ▀██▄   ███████████▌
 ▐███████████▄    ▀██▄   ▀██▄████████████▌
 ▐█████████████▄    ▀██▄ ▄███████████████▌
  ▀██████████████▄    ▀██████████████████
   █████████████▀    ▄██████████████████
    ▀█████████▀    ▄███████████████████
      ███████▄   ▄███████████████████
        ███████▄███████████████████
          ▀▀████████████████████▀
               ▀███████████▀

..ETHLend..1
[ Slack ] [ Telegram ] [ Twitter ]
▬▬ [ Bounty ] [ Facebook ] ▬▬
[ DAPP Thread ] [ ICO Thread ]
richana
Jr. Member
*
Offline Offline

Activity: 46


View Profile
February 04, 2015, 12:29:45 PM
 #19

The people who created EgoPay are the same people who also went on to later create Virtex.com, which is a bitcoin exchange that has not paid out anything or allowed its users to withdraw any money for the past month.

The site is still up and it appears to be active. But those of us who are verified users (such as myself) can simply just not get our money out. Fiat withdrawals don't work and requests for BTC withdrawals are also ignored. 

cozytrade
Sr. Member
****
Offline Offline

Activity: 352



View Profile
February 04, 2015, 01:24:00 PM
 #20



I see. Thank you for info.



                   ▄▄▄▄▄
            ▄▄███████████████▄▄
         ▄███████████████████████▄
       ▄██████████████████▀ ▀███████▄
     ▄██████████████████▀    ▄████████
    ██████████████████▀    ▄███████████▄
   ██████████████████    ▄██████████████
  ████████████████ ▀██▄   ▀██████████████
  ███████████████▄   ▀██▄   ▀████████████
 ▐████████████▀ ▀██▄   ▀██▄   ███████████▌
 ▐███████████▄    ▀██▄   ▀██▄████████████▌
 ▐█████████████▄    ▀██▄ ▄███████████████▌
  ▀██████████████▄    ▀██████████████████
   █████████████▀    ▄██████████████████
    ▀█████████▀    ▄███████████████████
      ███████▄   ▄███████████████████
        ███████▄███████████████████
          ▀▀████████████████████▀
               ▀███████████▀

..ETHLend..1
[ Slack ] [ Telegram ] [ Twitter ]
▬▬ [ Bounty ] [ Facebook ] ▬▬
[ DAPP Thread ] [ ICO Thread ]
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!