Pages:
Author

Topic: bitscalper anyone use this ? [PASSWORDS LEAKED] - page 4. (Read 40998 times)

hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Correct me, but aren´t the makers of bitscalper from Germany?

Wasn't the site ran from Italy?


Correct me, but aren´t the makers of bitscalper from Germany?

Completely mixed up. He claims to be Italian but hosted through KalyHost in Germany.
hero member
Activity: 686
Merit: 500
Bitbuy
Correct me, but aren´t the makers of bitscalper from Germany?

Wasn't the site ran from Italy?
legendary
Activity: 1484
Merit: 1005
as of today he's been online,

https://bitcointalksearch.org/user/bitscalper-49490

what's up dude?  why can't i log in to my account?
sr. member
Activity: 333
Merit: 250
Correct me, but aren´t the makers of bitscalper from Germany?
hero member
Activity: 1778
Merit: 504
WorkAsPro
Is the 10 days he couldn't use the site for incase he was arrested over?
full member
Activity: 168
Merit: 100
For all you know, this site is Atlas's.

what?


marked
hoo
member
Activity: 89
Merit: 10
As far as I know the site still hasn't paid anyone, so it looks like I was right and it was a scam.

The nature of the vulnerability made me especially suspicious. All login attempts were being logged to a text file at http://bitscalper.com/p/app/log . It's possible that Bitscalper was intentionally logging passwords, and this was the only way he knew how to do it with his CMS.


You need to put a scammer tag on your account.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
STAY FAR AWAY FROM THIS  SHIT!
Bit late for that, isn't it?
legendary
Activity: 1611
Merit: 1001
STAY FAR AWAY FROM THIS  SHIT!
legendary
Activity: 1484
Merit: 1005
WELP, looks like I'm never gonna get my money back
member
Activity: 67
Merit: 130
A big "IDIOT" tag on the people that gave money to bitscalper and complain they were scammed?
And a bigger tag for those who didn't earn on it back then when it was bringing 2% a day.
sr. member
Activity: 313
Merit: 251
Third score

A big "IDIOT" tag on the people that gave money to bitscalper and complain they were scammed?

If there was such a tag for every victim of every bitcoins scam, the board would be full of these. Quite discouraging, to say the least.
hero member
Activity: 532
Merit: 500
Can we get a "SCAMMER" tag on bitscalper for not giving all their depositors money back?

and....

A big "IDIOT" tag on the people that gave money to bitscalper and complain they were scammed?
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
Whether Bitscalper is a blatant ponzi, or just another MyBitcoin scam is besides the point--- the owner wants to remain 100% anonymous at all costs, did not backup any wallets or site code, does not understand security, constantly brags about who he knows and what he can do and yet falls short of even the mildest of expectations. This site should not be avoided because "someone didn't get paid out", it should be avoided because anonymous services that hold your money are a bad idea. For all you know, this site is Atlas's.
hero member
Activity: 700
Merit: 507
Well.. following this thread is interestering..

I was very convinced this whole thing was nothing but a big scam.. still i am but less than before. IF it was a scam, why "coming back to life" when they had a good reason to run off with the money? Currently i just think that they work on the most obvious duplication bug(s) and hence wont allow withdrawals.. but hey.. it could be just a big scam afterall ,0)
member
Activity: 74
Merit: 10
Update:
Set up withdrawal on Sat 18th.
Sun 19th Feb still "Processing".

(Changed password with no difficulty Sunday)
Monday No response can't log in
Tuesday No response can't log in; withdrawals still "processing"
Probability this is a scam approaches 99%.
full member
Activity: 134
Merit: 100
This password fiasco remembers me of some emails exchange I had with their support on 13 January:

bitscalper:
Dear User,

We apologize but your password was changed because of a technical problem to the database. Your password is now : ******
Feel free to change it by logging in into your account.

me:

I changed the password to the old one and now I can't login with either of the 2
can you change the password again but with a stronger one?

bitscalper: Try now with ***** and try again to change it yourself. I think you did not set the one you had before. The hash looked differently!

me:

the ****** worked and changed it again to the old one
I'm 100% that was the correct one this time and I have the same problem
pls change it again and send me the new pass.

My guess is that you are not sanitizing the input field or something like that
I guess I will have to use a normal password with only alphanumeric characters


bitscalper:

Strange, the input is automatically hashed and saved in the db. We'll look into that. I'll change your password now.


In the end everything was ok.

So they had some problems with the passwords on 13 January
They also say that they are hashing the passwords
administrator
Activity: 5222
Merit: 13032
As far as I know the site still hasn't paid anyone, so it looks like I was right and it was a scam.

The nature of the vulnerability made me especially suspicious. All login attempts were being logged to a text file at http://bitscalper.com/p/app/log . It's possible that Bitscalper was intentionally logging passwords, and this was the only way he knew how to do it with his CMS.
member
Activity: 74
Merit: 10
We seem to be in regime of shoot the messenger here!

Anyone who has such knowledge has to make a judgement call:

1. to quietly notify the site to get it fixed

or

2. To tell everyone so that they can change passwords ASAP and/or get their funds out.

or

3. Do both.


Which you do depends on your view of the site and how it will react to the message. 

Is it a scam vs not a scam. 

If it is a scam and you alert the owner who legs it, everyone else will be pissed.

If it isn't a scam and you alert everyone else the site may be badly damaged or killed.

We can all be wise after the event but that does not make Theymos's judgement call negligent.


hero member
Activity: 532
Merit: 500
i do believe this is highly negligible and criminal what theymos has tried to do.
Huh
what did he do

Theymos pointed every scammer on the internet to bitscalper.


This can be taken as proof.
We are just checking that everything is in order, funds appear safe. We had hundreds of hack attempts those last days and we need to make sure there was no security breach at all and remove the bogus requests before filling withdrawals.

this is text book definition criminal negligence, this kind of action by an admin of bitcointalk should not be allowed to stand.

Lets say a reporter said on TV to not buy cars at a car dealership because they the cars they sold all used the exact same key.  Then a bunch of scammers went to the dealership because they heard the report and tried to steal the cars.  The fault lies with the car dealership not the reporter for being negligent in not knowing how to secure a car lock.
Pages:
Jump to: