О да... Сразу видно проффесионала своего дела... Без лицензии, без оф регистрации, без персональных данных, да еще и оскорбляющего людей направо и налево, обвиняющего их не приводя НИКАКИХ реальных доказательств. Тупо льющего воду в своих сообщениях. Какой бы "обменник" связался с таким "спецом"? В каком бы реальном "расследовании" "доказательства" им собранные могли бы быть использованы? По моему это риторические вопросы...
Это я все к тому, чтобы люди в беде прошедшие по ссылке на сайт этого афериста задумались что они делают и с кем хотят связатся... Собственно для этого я и запустил эту тему.
Topic: Внимание, мошенник и вымогатель! - page 2. (Read 5694 times)
You're a fucking idiot. You're going to point out that I typo'd your name as evidence of what?
Full logs, evidence and dox have been forwarded to the proper authorities. Enjoy.
And good luck. I'm done with you.
Full logs, evidence and dox have been forwarded to the proper authorities. Enjoy.
And good luck. I'm done with you.
Доброе утро всем. Наш милый друг начинает завиратся. В посте с логами на первой странице он писал что акк уведшего "pendalf2008". теперь прислал письмо, да и в английской ветке уже отписывает ник как "pendolf2008":
Все в том же посте с логами я обратил внимание на одну интересную деталь, на которую сразу не глянул... Он еще кичится там "одинковостью" User-Agent. Так вот user-Agent там Mac... Вы не поверите, но у меня не мак. Мак в принципе на мою машину не станет насколько мне известно
. Похуду наш спамер когда эти логи делал допустить даже не мог что на нашей територии подавляющее большинство машин не Mac...
Quote
Let us start fresh, because obviously there is some miscommunication on your end.
Hi Anton, I'm a security researcher and I was hired by an exchange to do post-hack forensic work, and identify who stole their Bitcoins. About 600 BTC and 2700 LTC were stolen from the exchange. I can not mention the exchange at the time because it is currently not willing to disclose the fact.
When I began doing the research I found that the attacker discovered a vulnerability on the site from his home IP, the same IP was used to log into the 'pendolf2008' account.
The three IPs I presented you in the forum threads are IPs that were used to log into your account. If you google "Whatsmyip" and find a site to tell you your IP address and compare that address to the IP I have listed in the forum threads you will see that you're either in the same range, or have the same IP used to attack the exchange.
I'm sure your IP is dynamic, because 3 IPs from the same /19 IP range were used to log into the 'pendolf2008' account. The 3 IPs tied to your account are pointed to Everest ISP to your town in Ukraine.
With that being said - the attack points directly to you. Now, if you did not commit the attack - can you please think of who it may have been that used your connection or computer?
Looking forward to your response.
Hi Anton, I'm a security researcher and I was hired by an exchange to do post-hack forensic work, and identify who stole their Bitcoins. About 600 BTC and 2700 LTC were stolen from the exchange. I can not mention the exchange at the time because it is currently not willing to disclose the fact.
When I began doing the research I found that the attacker discovered a vulnerability on the site from his home IP, the same IP was used to log into the 'pendolf2008' account.
The three IPs I presented you in the forum threads are IPs that were used to log into your account. If you google "Whatsmyip" and find a site to tell you your IP address and compare that address to the IP I have listed in the forum threads you will see that you're either in the same range, or have the same IP used to attack the exchange.
I'm sure your IP is dynamic, because 3 IPs from the same /19 IP range were used to log into the 'pendolf2008' account. The 3 IPs tied to your account are pointed to Everest ISP to your town in Ukraine.
With that being said - the attack points directly to you. Now, if you did not commit the attack - can you please think of who it may have been that used your connection or computer?
Looking forward to your response.
Все в том же посте с логами я обратил внимание на одну интересную деталь, на которую сразу не глянул... Он еще кичится там "одинковостью" User-Agent. Так вот user-Agent там Mac... Вы не поверите, но у меня не мак. Мак в принципе на мою машину не станет насколько мне известно
. Похуду наш спамер когда эти логи делал допустить даже не мог что на нашей територии подавляющее большинство машин не Mac...
And still no answer about an URL... 
I'm helping people. An exchange. There is no nonsense here. It's probably nonsense to you because you either refuse to understand what I am saying or you simply don't understand what I'm saying. And if that is the case - acquire an English speaker to help you decipher what I'm saying.
In any case - BTC were stolen and it points to your friend pendolf2008. If you want to help him - ask him to track down who stole the BTC from his IP address. I tried emailing him nicely, even giving him steps to take to figure out what happened from his end in case he didn't do it. But I will not stop until either the BTC are returned or someone gets arrested for stealing the BTC.
So, if your friend did steal the BTC its best you ask him to return them. If he didn't steal them, it's best to help him figure out who did steal them from his IP.
Pretty simple.
In any case - BTC were stolen and it points to your friend pendolf2008. If you want to help him - ask him to track down who stole the BTC from his IP address. I tried emailing him nicely, even giving him steps to take to figure out what happened from his end in case he didn't do it. But I will not stop until either the BTC are returned or someone gets arrested for stealing the BTC.
So, if your friend did steal the BTC its best you ask him to return them. If he didn't steal them, it's best to help him figure out who did steal them from his IP.
Pretty simple.
Вы ему можете по-русски писать он всё прекрасно понимает. и много чего он людям тут и лично понаписал
Я думаю это чудо сейчас умиляется сколько внимания привлекли от общественности его спецталанты и хакерские виртуозы. Потешим его самолюбие вниманием к его персоне и обсуждением чуши которую он заварил
Я думаю это чудо сейчас умиляется сколько внимания привлекли от общественности его спецталанты и хакерские виртуозы. Потешим его самолюбие вниманием к его персоне и обсуждением чуши которую он заварил
Haha, I don't understand Russian. I'm using translate.google.com to help me figure out what you gents are saying. Are you trying to drum up a conspiracy, or something?
Ну что же, я чутка изучил вопрос и обнаружил, что se[c] как минимум врет в своей подписи, что он разраб foxcoin. Пост в теме о фокс коине аж на 50+ странице + он сам был зареган почти спустя месяц после запуска монеты.
Вообще если посмотреть его посты, то становиться понятно, что это какой-то школьник, строящий из себя крутого спеца: абсолютно пустые посты, никакой конкретики.
se[c], how can you be a foxcoin dev if you registered almost after month from the start of the coin and you simply have no posts about foxcoin? Maybe you lie about that? And also calling a person without proof is not good. You didn't post the exchange. If the exchange has any kind of problems with somebody, exchange owner must contact that person DIRECTLY and not use strange 3rd party members like you with fresh reg date and few posts.
Most important thing: if you call a person a thief (or you state that his computer was used to do a hack), you MUST post all proof info.
Exchange that has got bad protection and hides the fact that they were hacked is shit exhcange. Post all proof info including wallets and other detais or apologize and GTFO!
Вообще если посмотреть его посты, то становиться понятно, что это какой-то школьник, строящий из себя крутого спеца: абсолютно пустые посты, никакой конкретики.
se[c], how can you be a foxcoin dev if you registered almost after month from the start of the coin and you simply have no posts about foxcoin? Maybe you lie about that? And also calling a person without proof is not good. You didn't post the exchange. If the exchange has any kind of problems with somebody, exchange owner must contact that person DIRECTLY and not use strange 3rd party members like you with fresh reg date and few posts.
Most important thing: if you call a person a thief (or you state that his computer was used to do a hack), you MUST post all proof info.
Exchange that has got bad protection and hides the fact that they were hacked is shit exhcange. Post all proof info including wallets and other detais or apologize and GTFO!
Good logic you have there - assuming that you can only be a coin developer before or during its launch. Unfortunately for you this thinking is incorrect. I joined the development team after its launch, but I don't see the point in explaining this to you as it has nothing to do with the situation at hand.
As to the more important questions you raise - perhaps you're confused as to how this thread was started. Instead of pendolf2008 responding to me privately about the incident he decided to make a public thread. For what? I have no idea. I don't know whether he did it out of fear, I don't know whether he did to have an alibi and have his friends defend his reputation. But the point is I didn't make any public posts about the situation until he began this nonsense of publicly discussing the issue.
I have provided logs of the attacker, containing his IP address and containing the other IP addresses and username he used on the exchange. He used the same account and IP address to exploit a vulnerability and sending BTC out of the exchange.
And your logic is also flawed in the sense that you think that having a registered account with a lot of posts, or an old registration date proves somehow someones integrity. Sorry to disappoint you by pointing the flaw in this but there are many known cases of older accounts with Hero status scamming people out of money. It is true my account is relatively new, but I've been lurking on the forums for several years. I simply didn't have a need to create an account or post to threads at the time until now.
As for the Exchange contacting him - they did. They even called him directly. But he hangs up the phone. How can they communicate with someone who hangs up the phone at the mentioning of stolen Bitcoins?
How about you sit back and analyze the full situation before you make these ridiculous posts defending someone you have no idea did or did not in fact steal the BTC. In his other posts he made reference to the possibility that maybe his Wifi or computer were compromised. Have you asked him about auditing his router/computer for signs of intrusion? Or are you simply and blindly going to believe him at will?
All he has to do is privately respond back to me, and we can actually move forward on figuring out what happened. If he didn't do it, so be it. But clearly he's tied to the theft in some way.
Thanks for your opinion on the matter.
Ну что же, я чутка изучил вопрос и обнаружил, что se[c] как минимум врет в своей подписи, что он разраб foxcoin. Пост в теме о фокс коине аж на 50+ странице + он сам был зареган почти спустя месяц после запуска монеты.
Вообще если посмотреть его посты, то становиться понятно, что это какой-то школьник, строящий из себя крутого спеца: абсолютно пустые посты, никакой конкретики.
se[c], how can you be a foxcoin dev if you registered almost after month from the start of the coin and you simply have no posts about foxcoin? Maybe you lie about that? And also calling a person without proof is not good. You didn't post the exchange. If the exchange has any kind of problems with somebody, exchange owner must contact that person DIRECTLY and not use strange 3rd party members like you with fresh reg date and few posts.
Most important thing: if you call a person a thief (or you state that his computer was used to do a hack), you MUST post all proof info.
Exchange that has got bad protection and hides the fact that they were hacked is shit exhcange. Post all proof info including wallets and other detais or apologize and GTFO!
Вообще если посмотреть его посты, то становиться понятно, что это какой-то школьник, строящий из себя крутого спеца: абсолютно пустые посты, никакой конкретики.
se[c], how can you be a foxcoin dev if you registered almost after month from the start of the coin and you simply have no posts about foxcoin? Maybe you lie about that? And also calling a person without proof is not good. You didn't post the exchange. If the exchange has any kind of problems with somebody, exchange owner must contact that person DIRECTLY and not use strange 3rd party members like you with fresh reg date and few posts.
Most important thing: if you call a person a thief (or you state that his computer was used to do a hack), you MUST post all proof info.
Exchange that has got bad protection and hides the fact that they were hacked is shit exhcange. Post all proof info including wallets and other detais or apologize and GTFO!
too bad i cant read russian putin!
ну что тут сказать... Видно чувак понял что ничего не добьется и решил "красиво" свалить. Скамер, спамер и т.д. Уже успел обвинить lira в том что я "заплатил" за поддержку. Видимо и всем остальным я "заплатил" .
Эх, мне бы хотя бы 1/100-ю часть той суммы о которой он говорил... Я б фермочек прикупил....
.Эх, мне бы хотя бы 1/100-ю часть той суммы о которой он говорил... Я б фермочек прикупил....
Still no answer about your exchange's URL?
Lira,
If you are so sure your friend didn't commit the crime why aren't you helping him audit his system to figure out if he was backdoored, or that his router was or wasn't compromised?
Like I said in the other English thread - I could care less for the Satoshis he's stashing in his wallet, I only confronted him privately for the BTC he stole. If he didn't steal it then who did? It clearly came from his IP address. The truth of the matter is the logs point to him. If it didn't point to him I wouldn't have been messaging him to return the stolen BTC in the first place.
Instead of trying to be a white knight and defend your friend you probably should be trying to figure out the answers to the questions surrounding this situation.
Either way, I did my end of the the deal - and find the attacker - pendalf2008. If he doesn't return the BTC he stole then he will have to answer to authorities. That's pretty much the end of it.
Cheers!
If you are so sure your friend didn't commit the crime why aren't you helping him audit his system to figure out if he was backdoored, or that his router was or wasn't compromised?
Like I said in the other English thread - I could care less for the Satoshis he's stashing in his wallet, I only confronted him privately for the BTC he stole. If he didn't steal it then who did? It clearly came from his IP address. The truth of the matter is the logs point to him. If it didn't point to him I wouldn't have been messaging him to return the stolen BTC in the first place.
Instead of trying to be a white knight and defend your friend you probably should be trying to figure out the answers to the questions surrounding this situation.
Either way, I did my end of the the deal - and find the attacker - pendalf2008. If he doesn't return the BTC he stole then he will have to answer to authorities. That's pretty much the end of it.
Cheers!
Может его подставили. А он здесь распинается. Антивирус не поможет - такие трои штучные, нужно систему и окружение менять.
Больше похоже на скам.
Больше похоже на скам.
Так какую же биржу\обменник поломал наш ТС?
))
))воображаемую
Так какую же биржу\обменник поломал наш ТС?))
))
Так я и не оправдываюсь. Это в воображении спамера мои слова выглядят как оправдание.
It points to anywhere. That fact that you know my ip telling nothing. My PC could be hacked by tracking cookie, by troyan or other virus. My wi-fi thone could be hacked. Your arguments so funny, that I even will answer on this your message
Я ему ответил, что наличный у него ip ни о чем. И привожу варианты (одни из многих) почему это ни о чем. А он выставляет это как оправдание. Ну да адекватностью с его стороны как бы и не пахнет.
Quote
Quote
from: se[c] on Today at 09:58:04
Clearly someone used your IP to steal BTC. Either it was you, or your girlfriend, or your mother, or your neighbor. Someone FROM YOUR IP stole BTC.
Is this hard to understand? I posted logs of the attack into your thread since you seem so sure that I'm a spammer/scammer. How about you research who I am first. I run a security project for Bitcoin exchanges. I help exchanges recover stolen Bitcoins. I help exchanges fix security problems.
You're looking like a real idiot by claiming I am a scammer/spammer/whatever. I didn't ask you for your personal measily BTC. I asked for the BTC that was stolen FROM YOUR IP.
If you did not do it fine. Tell me who did it. Obviously you must know the person.
Check the attack logs. Check the IPs. It all POINTS TO YOU Anton.
So either work with me, or answer to authorities.
Clearly someone used your IP to steal BTC. Either it was you, or your girlfriend, or your mother, or your neighbor. Someone FROM YOUR IP stole BTC.
Is this hard to understand? I posted logs of the attack into your thread since you seem so sure that I'm a spammer/scammer. How about you research who I am first. I run a security project for Bitcoin exchanges. I help exchanges recover stolen Bitcoins. I help exchanges fix security problems.
You're looking like a real idiot by claiming I am a scammer/spammer/whatever. I didn't ask you for your personal measily BTC. I asked for the BTC that was stolen FROM YOUR IP.
If you did not do it fine. Tell me who did it. Obviously you must know the person.
Check the attack logs. Check the IPs. It all POINTS TO YOU Anton.
So either work with me, or answer to authorities.
It points to anywhere. That fact that you know my ip telling nothing. My PC could be hacked by tracking cookie, by troyan or other virus. My wi-fi thone could be hacked. Your arguments so funny, that I even will answer on this your message
Я ему ответил, что наличный у него ip ни о чем. И привожу варианты (одни из многих) почему это ни о чем. А он выставляет это как оправдание. Ну да адекватностью с его стороны как бы и не пахнет.
Увидел его пост с логами. До этого не видел, ибо поставил его в игнор...
Так что он тут пишет. Ну про логи молчу, такую хрень я и сам в блоноте набрать могу. Адреса обменника там нет, вот что главное...
Ага, вот:
Че-то я не видел где я такое подтверждал? Опять клевещем так? Мне предоставен один мой ip. Текущий 109.108.238.161. Остальные возможно вообще взяты с потолка, я за своим динамическим ip не слежу. А с какого перепугу я должен общатся с недоумками обвиняющими меня в воровстве? Напишите сюда обменник с которого я якобы что-то увел... Ну и адреса на которые увел...
Так что он тут пишет. Ну про логи молчу, такую хрень я и сам в блоноте набрать могу. Адреса обменника там нет, вот что главное...
Ага, вот:
Quote
Once we confirmed it was his IP that attacked the server initially, and confirmed all three IP addresses from the same ISP to the same town in UA logged into the 'pendalf2008' account we then began finding personal information on who he was. We doxed him. Contacted him. And instead of admitting the fault, and simply returning BTC he has resulted to deflecting the situation.
Че-то я не видел где я такое подтверждал? Опять клевещем так? Мне предоставен один мой ip. Текущий 109.108.238.161. Остальные возможно вообще взяты с потолка, я за своим динамическим ip не слежу. А с какого перепугу я должен общатся с недоумками обвиняющими меня в воровстве? Напишите сюда обменник с которого я якобы что-то увел... Ну и адреса на которые увел...
Please give us the URL of your exchange. I want to do kinda security audit.
Не, ну а что, вычислить по IP и чего то там требовать этож высший пилотаж )))
Школьники, мля...
Школьники, мля...
So now you're telling me we're idiots for assuming you didnt do it because you could have been hacked, your wifi could have been cracked or your mother did the attack. Well first off your mother sounded nice on the phone so I don't think she could have done it.
If your systems are indeed hacked/infected with trojans don't you think the logical thing to do is log offline, separate your machines off the Internet and begin auditing your system for infection? Perhaps even being helpful and providing the trojan itself that you are infected by? And what are the odds that someone is going to log into the exchange as you to check on your coin balances, then exploit a hole in the system at the same time? And what are the odds that someone would hack your piece of shit computer, on your piece of shit slow connection to commit this hack and frame you? You must be special. Or hated.
If your wifi was cracked, then perhaps don't you think that instead of being smug and calling people idiots perhaps you should log into your router and look into your authentication logs to see if anyone has logged into your router? Maybe even producing screen shots and MAC logs of the actual incident?
Another thing you're not taking into account here is that the UserAgent/IP that attacked the site, matches the same logs of every single time you logged into the exchange? So, let me guess - someone infected you with a trojan, installed and configured RemoteDesktop and used your system and your slow connection to break into the site while you were checking your coin balances? And you do not notice this?
Your arguments are simply bad. And instead of being stubborn and holding onto stolen BTC you should return them. You may even get a nice reward in cash for it. So I guess you need to really evaluate who the real idiot here is.
If your systems are indeed hacked/infected with trojans don't you think the logical thing to do is log offline, separate your machines off the Internet and begin auditing your system for infection? Perhaps even being helpful and providing the trojan itself that you are infected by? And what are the odds that someone is going to log into the exchange as you to check on your coin balances, then exploit a hole in the system at the same time? And what are the odds that someone would hack your piece of shit computer, on your piece of shit slow connection to commit this hack and frame you? You must be special. Or hated.
If your wifi was cracked, then perhaps don't you think that instead of being smug and calling people idiots perhaps you should log into your router and look into your authentication logs to see if anyone has logged into your router? Maybe even producing screen shots and MAC logs of the actual incident?
Another thing you're not taking into account here is that the UserAgent/IP that attacked the site, matches the same logs of every single time you logged into the exchange? So, let me guess - someone infected you with a trojan, installed and configured RemoteDesktop and used your system and your slow connection to break into the site while you were checking your coin balances? And you do not notice this?
Your arguments are simply bad. And instead of being stubborn and holding onto stolen BTC you should return them. You may even get a nice reward in cash for it. So I guess you need to really evaluate who the real idiot here is.
Jump to: