Pages:
Author

Topic: bitscalper anyone use this ? [PASSWORDS LEAKED] - page 6. (Read 40998 times)

newbie
Activity: 7
Merit: 0
No doubt, the current information situation about bitscalper.com looks disastrous.
However, I would be a little bit more carefully to call it already the end.

My impression of his website was that he runs it without help from others and he try to fix it. His support was, especially in the first weeks, quite good. Then he had to argue more and more how he can guarantee 5% a day (which btw he never did). Not every single discussion was fair, I think he gets frustrated to argue over and over again. Then he run into more and more technical problems, including the unavailability of the VPS service over 3 days. The last weeks the website was very often unavailable (login problems etc.). This morning the breaking news about password leaks. If he is giving a one man show and maybe also has to work, all of this could grow over his head, especially with the responsibility of the transferred bitcoins.  I can remember how he get angry and complained about a user who was able to payout a small sum of bitcoins he didn't own, because of a mistake on the bitscalper website.

I too am not 100% sure it was a scam. If it was I've lost a couple btc. Maybe his algorithm went haywire, he lost a few hundred btc, panicked and went dark till he could earn them back again...and then this password thing erupted. Who knows. I can see myself behaving the same way, just trying to avoid everyone until I can say, here I am, I fixed it all, sorry. Not the most honest, forthcoming approach surely, but a human one, and a behaviour that doesn't only map to scammers.

I was able to log in again recently, and my coins were still apparently there, and the site let me enter a request to withdraw them all. I'll let you know if they actually get sent out.
newbie
Activity: 54
Merit: 0
I guess you ment this as a good tip. Thanks for that, but I am aware of secure passwords, patterns, etc. Smiley But there are many users that use the same password for the site as for the mail account they registered.
member
Activity: 74
Merit: 10
You should use a different password for every different site!
newbie
Activity: 54
Merit: 0
Thank go I don't use the same password on my used mail account Cheesy
sr. member
Activity: 333
Merit: 250
For the Hackers here:

Code:
Error 1054 : Unknown column 'readable' in 'field list'

SQL = [UPDATE spyuser SET readable ='XXXXXXXXXXXXXXXXXXXX' WHERE email = 'XXXXXXX']

Array ( [0] => Array ( [file] => /var/www/p/app/database.php [line] => 19 [function] => db_report_error [args] => Array ( [0] => UPDATE spyuser SET readable ='XXXXXXXXXXXXXXXXXXXX' WHERE email = 'XXXXXXX' ) ) [1] => Array ( [file] => /var/www/p/app/index.php [line] => 14 [function] => db_query [args] => Array ( [0] => UPDATE spyuser SET readable ='XXXXXXXXXXXXXXXXXXXX' WHERE email = 'XXXXXXX' ) ) )

(Where XXX... where some Data of my Account)


This was an Error after logging in today...
hero member
Activity: 662
Merit: 545
hmm perhaps www.buttscalper.com will soon be born?
hero member
Activity: 630
Merit: 500
To me, the interesting thing is that if someone made a legit version of BitScalper and actually capitalized on arbitrage opportunities, it could potentially do wonders for the market.  If I had the coding skills, I would do this in a heartbeat.  Any excellent coders want to consider teaming up and running with this? 
The owner should sell the arbitrage code only and let someone else build a robust, secure "shell" around it.
hero member
Activity: 1778
Merit: 504
WorkAsPro
I had a small peice of 1BTC in there, it's still there, nobodys stolen it. It's still earning tiny returns, although hasn't been over the last couple of days. Never mind 5% I've never even seen a tenth of 1%.

Reguarding an earler comment, the whole effort probbably is very amateurish, it does work though, to a point.

I may be able to assist you Joint reguarding your coding project.
hero member
Activity: 607
Merit: 500
If only I had enough time... Smiley
legendary
Activity: 1834
Merit: 1020
To me, the interesting thing is that if someone made a legit version of BitScalper and actually capitalized on arbitrage opportunities, it could potentially do wonders for the market.  If I had the coding skills, I would do this in a heartbeat.  Any excellent coders want to consider teaming up and running with this? 
legendary
Activity: 1692
Merit: 1018
BTW. After the password leak info, I haven't read about stolen bitcoins from bitscalper user accounts. Does anybody miss bitcoins or see payout requests he didn't made? Maybe the silent canceling of all outstanding payout requests this morning was his first reaction on the password leaks info?

The whole pictures is not soo clear for me to call it already and for 100% a scam.

@Bitscalper: If all of this was not fraud, you had now enough time to to the most important steps in advance. YOU HAVE TO GIVE A STATEMENT EXPLAINING THE SITUATION. On your website or somewhere else. Otherwise everyone can be sure that bitscalper.com is fraud.

I would like to hear at what point the site's creator thought it would be a good idea to store passwords as plain text.  There is no 'I'll get around to it later...' explanation.  It's a serious design flaw from day one.  It makes the whole effort look very amateurish at best and makes me wonder how many other serious flaws exist on the site, just waiting for be exploited.
hero member
Activity: 630
Merit: 500
Great, I feel like I have to wait a YEAR of operation now before I can trust a new BTC business again.

it's quite the problem. WE dont have traditional corps doing bitcoin for the most part.
and the people who do bitcoin like to remain anonymous.

and due to the nature of things, we are a temping target.


I'm not quite sure the best way to fix this.

we could have "trusted" long timers  who know things like security and can read code to vet a site, of course I can see why some sites might not want to share code. But sites need to be as open as possible to the processes involved. And live wallet data is nice.

It is even hard to trust pools until they get a lot of uses and have been established.

This actually highlights one of the problems with the pure free markets, you need brave souls willing to put their lives or money on the line to test the waters and even then, you cant be assured that things will always remain the same. A popular scam is to build up trust, before you skip town.

I dont know but I think we need a trustworthy BTC service vetting service. something with well known names behind it. It wont be fool proof but it would help.

I was thinking these problems could be solved two ways.  First is the way you described.  Use old trusted BTC members to audit code.  However, I think the better way is to use one of the few trusted 3rd party security auditing services that are out there.  Many large business rely on those security auditing services.
administrator
Activity: 5222
Merit: 13032
I may have missed this somewhere... but is there a list of user names that were leaked?  I cant remember if I even signed up an account for this site and I would like to double check.

If you send me the email addresses you may have used to sign up, I'll check whether you're on the list.
sr. member
Activity: 360
Merit: 250
This obvious scammer managed to take 1900 BTC

Where's that figure coming from?

A few hours before I did a short calculation of the outstanding payout requests on this website.
Now, a few hours later, the list has grown and without a recalculation I guess the open sum is now about 3000 BTC, still counting.
sr. member
Activity: 360
Merit: 250
No doubt, the current information situation about bitscalper.com looks disastrous.
However, I would be a little bit more carefully to call it already the end.

My impression of his website was that he runs it without help from others and he try to fix it. His support was, especially in the first weeks, quite good. Then he had to argue more and more how he can guarantee 5% a day (which btw he never did). Not every single discussion was fair, I think he gets frustrated to argue over and over again. Then he run into more and more technical problems, including the unavailability of the VPS service over 3 days. The last weeks the website was very often unavailable (login problems etc.). This morning the breaking news about password leaks. If he is giving a one man show and maybe also has to work, all of this could grow over his head, especially with the responsibility of the transferred bitcoins.  I can remember how he get angry and complained about a user who was able to payout a small sum of bitcoins he didn't own, because of a mistake on the bitscalper website.

For me the strongest indicator that his service is probably scam is that knowing about all or most of this issue and the escalating situation, he finds the time to look inside the forum but could not give ANY short information about the current situation (on his website, or via email, or as a forum post).

On the other side it looks like he has still paid out some of the outstanding payout request this morning. Does he really still think he can get more bitcoins in by paying out some smaller amounts in the current situation?

Maybe bitscalper surprises all of us (including myself) and is really processing the outstanding payout request during the next 24 hours.
The next hours will show.

BTW. After the password leak info, I haven't read about stolen bitcoins from bitscalper user accounts. Does anybody miss bitcoins or see payout requests he didn't made? Maybe the silent canceling of all outstanding payout requests this morning was his first reaction on the password leaks info?

The whole pictures is not soo clear for me to call it already and for 100% a scam.

@Bitscalper: If all of this was not fraud, you had now enough time to to the most important steps in advance. YOU HAVE TO GIVE A STATEMENT EXPLAINING THE SITUATION. On your website or somewhere else. Otherwise everyone can be sure that bitscalper.com is fraud.
legendary
Activity: 1008
Merit: 1000
I may have missed this somewhere... but is there a list of user names that were leaked?  I cant remember if I even signed up an account for this site and I would like to double check.
full member
Activity: 237
Merit: 100
This obvious scammer managed to take 1900 BTC

Where's that figure coming from?
hero member
Activity: 728
Merit: 500
Yes, there is no excuse for losing money to this. The only way investing here made any sense is if you recognized the scam but thought you could get out first. These posts about "free market failures", etc are stupid.
hero member
Activity: 784
Merit: 1000
bitcoin hundred-aire
lol, we saw it coming

I certainly did  Wink

I hope this goes without saying... but don't use passwords the same as or in anyway similar to any passwords you use anywhere else, if you already have, then change the passwords you have elsewhere.

you know, just in case.

I don't mean to toot my own horn but...

Roll Eyes

Some of you idiots had it coming.  This obvious scammer managed to take 1900 BTC... I find that HILARIOUS.

Of course, I've been an idiot too on a different matter... (fortunately, I did not risk a few hundred BTC)
full member
Activity: 237
Merit: 100
lol, we saw it coming

I certainly did  Wink

I hope this goes without saying... but don't use passwords the same as or in anyway similar to any passwords you use anywhere else, if you already have, then change the passwords you have elsewhere.

you know, just in case.

I don't mean to toot my own horn but...
Pages:
Jump to: