-snip-
If necessary we can discuss there elsewhere later.
Certainly.
Okay so it is reasonable to say that based on the same OP and same general background from screenshots posted from convicted2008 that the account was probably not sold/transferred, however this is not conclusive.
Sadly not.
I don't recall Candy ever being involved in any alt coins, additionally apparently some account farmers (myself not included) like to use the altcoin boards/threads to easily and quickly increase their activity/post count by cheering and/or pumping various alt coins.
I know for a fact that CandyStripes was trust farming with his own accounts, both from his lending thread and from him giving/receiving trust feedback from various other people without trades actually occurring. In the case of convicted2008, it looks like he was more engaged in the trading of gift cards with very trusted members, this is somewhat different however is still an indication of his likely intention of scamming in the future.
The sudden change in behavior could be an indication of unemployment/underemployment ad he was primarily selling things and was apparently spending more time (up from apparently zero) in bitcoin casinos (a sign a having a lot of free time). Having a sudden influx of free time is often caused by sudden unemployment which happens to be very high among felons in the US. Sudden unemployment generally associated with having a greater need for money which could lead to him being willing to do things like
this (being willing to "rent" out his account). It would potentially be possible that he gave Candy his account password for him to "use" for whatever reason Candy claimed to be wanting to use it for (this is very much speculation).
Him giving out his password to someone would make sense because someone apparently knew his
blockchain.info identifier(username), (but not necessarily his password), as well as his
fortune jack password. He previously stated that he used the same password for his various accounts.
Well after the screenshots the wallet identifier was certainly known as well as the password.
Another possibility (that is more speculation) is that he was paid by CandyStripes (or moreia who happens to also hate me because I was able to successfully shit on a number of his scams) to make it look like he is an alt of Candy when he is really not in order to discredit my abilities to call out scams. It would also fit in with the possibility that he is in greater need for money because of un(der)employment.
Its a valid theory, but it sounds like we should cut[1] it.
To summarize this. We have:
#1 insufficient security practices and/or a trojan
#2 rented the account
-snip-
It really depends. If he wanted to prevent the account from having a "password was changed recently" tag for 3 days, and the account showing up on the security log for 30 days then he might leave the password as is. If he were to change the password then a hacker would need to wait at least 3 days, during which time the real owner could come forward claiming his account was hacked.
Which is unusual for hackers though. The typical approach would be to wipe what is available and be gone.
-snip-
I still don't however see why the difference between when this account was created and when the convicted account was last active is so small if the convicted2008 account was actually hacked.
Well it fits with the hacked, but not immediatly changed the password theory. The times are (for my timezone at least):
#hhmmss - event
#002211 - password changed
#002511 - Convicted2008 last active
#002621 - Neonecrox13 registered
I would guess/speculate that the time an account is last active is the last time you click a link (or manually visit a page on the forum - e.g. by manually typing a URL) when still logged in. I think the account was not actually hacked.
I am not certain about this either, but not because of the times. My main problem with the hacked theory is that the scam attempt was way before the change of the password.
Below are additional PM's that I received from convicted after the initial one received (as well as my responses to him)
Hey why the fuck u leave negative trust on me? I've never claimed to have any s3's? That needs to be corrected immediately.
This PM was sent 52 seconds after I made my scam accusation saying that convicted2008 is an alt of CandyStripes, I would doubt that he would have had enough time to read my scam accusation and send me a PM in that amount of time, it was probably a reaction to the feedback I left him, although based on when I received a Skype message about the negative trust I originally left him, it was only ~20 minutes after I left him negative feedback which is an extremely short time to notice negative trust.
Hey why the fuck u leave negative trust on me? I've never claimed to have any s3's? That needs to be corrected immediately.
He told me, among other things that he has 3 S4's that he can use as income to repay the loan
It says that you claimed to have 3 S4's
Its says what? Where? I've never 1 time said I have s3's
Its says what? Where? I've never 1 time said I have s3's
[2/11/15, 5:30:51 PM] Neymar Dos Santos Jr.: my miners make money
[2/11/15, 5:30:55 PM] Neymar Dos Santos Jr.: one week maximum
[2/11/15, 5:31:16 PM] quick seller: what miner do you have?
[2/11/15, 5:31:21 PM] Neymar Dos Santos Jr.: s4
[2/11/15, 5:31:30 PM] quick seller: just one?
[2/11/15, 5:31:34 PM] Neymar Dos Santos Jr.: 3
yes you did
2nd of all. I've never had a loan in my life. I don't know who your talking to or about, but this needs to be fixed ASAP.
I did not respond to this message
Hey, I don't know what's going on here. I am convicted2008. It logged me out and said that my account does not exist anymore. Now I'm searching for my posts that I done and someone said that I'm Candystripes. I have no clue who that is or what the fuck is going on but I'm gonna get to the bottom of it.
Hey, I don't know what's going on here. I am convicted2008. It logged me out and said that my account does not exist anymore. Now I'm searching for my posts that I done and someone said that I'm Candystripes. I have no clue who that is or what the fuck is going on but I'm gonna get to the bottom of it.
Well you just changed your password, but I doubt that you were logged out.
You can post in my scam accusation against you if you want to discuss anything further.
Hard to tell, a scammer would write the same or something very similar. I am not sure how long it would take me to notice my trust rating changed. I guess it depends on the section one is posting in. The last post by Convicted2008 before confronting you via PM was this[2] which would reveal the rating gue to the section (gambling).
So I was able to resolve the IP address of the Skype account posted by the OP. I am not going to publish it right now, however it does show as belonging to a time warner cable and being located in Lexington, KY, which does match this guy's Facebook account.
I was also able to resolve the IP address of CandyStripes's Skype account, and his IP address is 24.150.101.228 which resolves back to Cogeco Cable and being in Ontario, Canada. While neither of these is 100% concrete, I do not believe that convicted2008 is actually one and the same of CandyStipes (although I think there is a very high probability that they are associated in some way).
From my perspective as a european thats worlds between the two locations. But physical location is not as relevant nowadays.
I would say that, at best this person has extremely poor security procedures so when trading with him, there is a high probability that it is not actually him.
I would say it is more likely that this person is associated with CandyStripes in some way, and that he intentionally allowed his account to be accessed.
Regardless of the above, the fact remains that this person admitted to scamming a pharmacy by attempting to rob it and resorting to violence when caught. I would say that a 'trade with caution' tag is appropriate no matter which scenario is the most correct. I will most likely edit my feedback on this account in the future, however I want to allow some time for additional evidence to come out first. The fact that the feedback is negative is not going to change, but the comment that the OP is an alt of Candy may change.
I am not sure what to think, but the account is certainly scorched earth. Even if they planned it together the person that originally owned the Convicted2008 account can no longer use it. I dont think the past matters that much as the fact that something fishy was going on. I think this thread gather enough details for anyone that wants to get a picture about what happened.
This came via PM, I hope its fine to post this here. I somehow think it should be public.
Sorry I been busy. Just on my lunch. I sent you 0.01 for all that you posted. Thanks again.
Thanks, it was not needed, but I appreciate it.
[1]
http://en.wikipedia.org/wiki/Occam%27s_razor[2]
https://bitcointalk.org/index.php?topic=950714.msg10431914#msg10431914
