Author

Topic: Cheater bounty hunters found (Read 515 times)

copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
August 26, 2020, 01:06:51 AM
#21
Took me a while to comeback to this thread as I don't use any of the mention bots.  Cheesy Thanks for the finds @YOSHIE
I just hope the person behind this plot doesn't fuck up some innocent person's account if it gets caught up in shitcoin bounty cheating scandals.

I am trying to export the list from the spreadsheets for easier documentation of people's profiles used by the cheater but there is not easy way.
legendary
Activity: 1974
Merit: 1150
April 15, 2020, 12:06:00 AM
#20
~snip
Thank you YOSHIE, you have found this cheater. I have marked their account as cheating. Even though I am not the DT who can make those signs appear, but I hope Bitcoin_Arena can tag them too and make them appear. YOSHIE good job.
legendary
Activity: 2128
Merit: 1775
April 14, 2020, 04:30:21 PM
#19
the culprit was found.

The five accounts are interconnected with the ETH Address and the telegram they use.

They also use the names @ BITCOIN4X and @Bitcoin_Arena in other Bounty campaigns.

The offender manipulates the names of other members in the bounty campaign.

1. cryptozait
2. eBaktash
3. Zaidsten
4. PMumoni
5. Stenzait

Proof:

Bitcointalk username: @cryptozait
Telegram username: @eBaktash
Twitter username: @cryptozenat
Facebook profile link: https://www.facebook.com/RaizaPMumoni

http://archive.is/wip/KRvNi

Name: Baktash Ershad
Telegram Username: @eBaktash
Facebook Profile Link: https://www.facebook.com/RaizaPMumoni
LinkedIn Profile Link: https://www.linkedin.com/in/baktash-ershad-5521a4157/

http://archive.is/wip/lFofV

Link: http://archive.is/wip/im9W7
Email Address used for creating your Bitwings Account: [email protected]
Completed Required Tasks?: Yes
Completed Additional Tasks?: Yes
Joined @bitwingsairdrop on Telegram?: Yes
Telegram Username: @eBaktash
Ethereum (ERC-20) Wallet Address: 0xB2707BD6f49B815A76a4a79AB0fF2307452e0662

http://archive.is/wip/wFG2t

Bitcointalk Username: Stenzait
Telegram Username: @eBaktash
Twitter Username: @BaktashErshad2
Facebook Profile Link: https://www.facebook.com/RaizaPMumoni
Discord or Reddit profile: https://www.reddit.com/user/Stenzait
Link to retweet, article or video: https://twitter.com/SnBitcoin/status/1119081159248334848

http://archive.is/wip/KYd7P

Related Addresses:
Code:
Telegram username: @eBaktash

Miscellaneous:

This kind of mode, they often use new ETH addresses, to deceive bounty campaigns.
And use the names of other members to manipulate.



Proof:



spreadsheets


On the other hand the same thing happened to the campaign below:

Topic: [BOUNTY] 💣💣💣💣get ETH, USDC, TKP, YOUC [YOUengine] 💣💣💣💣 TOP EXCHANGE IEO

SPREADSHEETS

But this time the culprit is different.
This is the culprit.


1. crypto_lesss

Bitcointalk username: crypto_lesss
Bitcointalk profile link: https://bitcointalksearch.org/user/cryptolesss-2663485
Telegram username: @crypto_sugar
Twitter username: @crypto_run
Facebook profile link: https://www.facebook.com/cryptomagnet.io

http://archive.is/wip/Kx5De

Related Addresses:
1. Telegram username: @crypto_sugar

copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
April 13, 2020, 05:11:40 PM
#18
Yeah, I checked it and seems to be working fine even if I try with switching accounts. Still someone can enroll by altering their IP with VPN still it will cut down abuse to mass degree.
It just works a few times then they start asking for verification even if one tries altering IP address. I think on top of IP address, Google uses other factors like the time intervals of logging into different gmail accounts, the details of the browser used/user agent. If them same browser keeps logging in to different accounts, you will be flagged for verification.

Asking for a proof of Authentication link when registering on google form would be a nice filter thou.
hero member
Activity: 2086
Merit: 761
To boldly go where no rabbit has gone before...
April 13, 2020, 01:24:30 PM
#17
Yeah this is a well know scam people use. They basically use it in 2 ways

1) They use profile of a user who's not doing this bounty
2) They have a list of old accounts and use that


To counter it basically there's 2 ways:

1) Check the last active date for the account
2) Check the proof of participation post.


Proof of participation post is a sure way to out them, as they will not have a valid post with an inactive/not-owned account
member
Activity: 280
Merit: 43
April 13, 2020, 11:52:05 AM
#16
Owo! I am shocked! WTH There are so many scammers.I think it's a kind of fraud team who work together like this.Bounty Manager should be more careful about this. Because of this kind of abuse lots of legit people not paid or paid limited.
legendary
Activity: 3094
Merit: 1472
April 13, 2020, 11:41:32 AM
#15
It is not easy to log in multiple Gmail with a single IP/Device.

If google detect suspicious activity, login multiple Gmail with the same IP. They will ask to u to do verification like "Code" send it to ur number phone has been used to that Gmail.

Yeah, I checked it and seems to be working fine even if I try with switching accounts. Still someone can enroll by altering their IP with VPN still it will cut down abuse to mass degree.


If a manager cares about his reputation as a manager, he will do his best when managing each campaign. But if they dont care about their reputation as managers then I don't think they will.

Many newbie or lower ranking members are now bounty managers. Lack of experience will make the campaigns they manage become a shady place for cheaters of bounty fraud. Somehow many projects entrust their projects to managers like that, I think this will only make the promotion program not as expected.

Well that's the hard truth. Most of the project owners don't know about competent managers and even if they know they only try to cut down losses as much as possible to get the work done by hiring new and incompetent managers. They don't know care how irresponsible they are.
legendary
Activity: 1974
Merit: 1150
April 13, 2020, 05:54:13 AM
#14
POA link is a great idea but I wonder if the verifying each and every entry by clicking link is something that inexperienced manager and lazy manager would go for?
If a manager cares about his reputation as a manager, he will do his best when managing each campaign. But if they dont care about their reputation as managers then I don't think they will.

Many newbie or lower ranking members are now bounty managers. Lack of experience will make the campaigns they manage become a shady place for cheaters of bounty fraud. Somehow many projects entrust their projects to managers like that, I think this will only make the promotion program not as expected.
legendary
Activity: 2660
Merit: 1261
April 13, 2020, 03:07:44 AM
#13
Is there an option to do that? I am not aware of such
Yes, before makes the form u should checklist "Limit to 1 response" and the respondent needs to login Gmail first before they can fill the form.

but even though there is they can make multiple Gmail accounts or buy from someone as there are many selling Gmail accounts also and at very cheap rates.    Cheesy
It is not easy to log in multiple Gmail with a single IP/Device.

If google detect suspicious activity, login multiple Gmail with the same IP. They will ask to u to do verification like "Code" send it to ur number phone has been used to that Gmail.
legendary
Activity: 3094
Merit: 1472
April 13, 2020, 02:59:58 AM
#12
Just set up the form google only filled once for each google account, most of spreadsheets who got bot attack the reason cause the form can be filled by multiple times with a single person/google account.

Is there an option to do that? I am not aware of such but even though there is they can make multiple Gmail accounts or buy from someone as there are many selling Gmail accounts also and at very cheap rates.    Cheesy

In my opinion, if the form requires users to fill in the POA link "not the POA number" then it will be more efficient without changes and easy to find even if one or two posts are deleted. The POA link will also help the manager identify the fraudster because this link can only be posted by real users.


POA link is a great idea but I wonder if the verifying each and every entry by clicking link is something that inexperienced manager and lazy manager would go for?

Another solution is not to use a form, but a manual spreadsheet update instead. Just like a sig campaign in most cases.

Wouldn't it increase the workload. Signature campaign is ok since it doesn't have many applications and going through hardly takes 1-2 hours but imagine the no. of entries for each campaign- article, Facebook, Twitter, Translation, Signature, Telegram.
hero member
Activity: 2576
Merit: 579
April 13, 2020, 02:49:28 AM
#11



In my opinion, if the form requires users to fill in the POA link "not the POA number" then it will be more efficient without changes and easy to find even if one or two posts are deleted. The POA link will also help the manager identify the fraudster because this link can only be posted by real users.


Yes, that's right, this is what the bounty campaign manager must immediately tidy up, so that account names that have not been stolen can be saved, because if we check the participants in the Twitter spreadsheet table, only 10% are pure, the rest is bot or act of someone who stole the names of other people's accounts to join the campaign. and thanks to BITCOIN4X for wanting to make this post.
legendary
Activity: 2170
Merit: 1789
April 13, 2020, 02:31:25 AM
#10
I found my name used like this multiple times, even if there are no confirmation posts on the thread. Sadly most bounties were managed by an incompetent manager so my name stays until the campaign ended and some abusers even get paid.

Another solution is not to use a form, but a manual spreadsheet update instead. Just like a sig campaign in most cases.
legendary
Activity: 1974
Merit: 1150
April 13, 2020, 02:25:41 AM
#9
I think the registration form that only asks for a POA number will provide an opportunity for cheater to fill in a random number or include another users POA number. This also often gives a little problem if one or two other user posts are deleted then the users POA number will change automatically, I think.



In my opinion, if the form requires users to fill in the POA link "not the POA number" then it will be more efficient without changes and easy to find even if one or two posts are deleted. The POA link will also help the manager identify the fraudster because this link can only be posted by real users.

Just set up the form google only filled once for each google account.
This will also help a lot.
hero member
Activity: 2576
Merit: 579
April 13, 2020, 02:23:19 AM
#8
WTF  Huh Angry

If it wasn't for the screenshot spreadsheet, i wouldn't have known that my name was being used for bounty campaigns. I definitely have never applied for this bounty and i don't do them as they are worthless and don't have enough time in and out of the forum.

Looking as the spreadsheet, it seems someone has a list of specific usernames in alphabetical order and is using a bot to apply for the campaigns. Bounty Manager should have some sort of authentication to avoid such scenarios.

Look at the time stamps of application and all the applications have a hashtag before the number

and so many more

Bounty Manager needs to wake up

Yes, really WTF  Angry, and I see the manager of the bounty who is still not careful enough in handling the project and does not ask for proof in the form of link proof in the registration form, just asking for Number of Application, so it will be very easy for someone to use the account name and other people's profile links when joining the campaign. like your name that was stolen on the order of 66 in the Twitter spreadsheet table.
legendary
Activity: 2660
Merit: 1261
April 13, 2020, 02:05:55 AM
#7
Yes it is. There is pattern to their entry. They all are entered with same delay between them so that's how I used to pick those at the time I was managing bounties.

What we need is some sort of captcha type thing in the form to disallow any bot actions. Bad part is there isn't any. Maybe we can move to some other form providers.
Just set up the form google only filled once for each google account, most of spreadsheets who got bot attack the reason cause the form can be filled by multiple times with a single person/google account.
legendary
Activity: 3094
Merit: 1472
April 13, 2020, 01:05:22 AM
#6
Some users have tried to report this case to the manager at the bounty thread, but there has not been any response and there have been no changes to all the cheat applications in the spreadsheet. I have checked it.

It is usually hard to go through every applicant and verify the entry. Thats why they ask to post in thread to verify the participation but going through all of them is really hard work.

Quote
Obviously this is the managers responsibility and I hope he will immediately delete all of my account details there.

Most of the account details entered in the "Twitter Campaign" spreadsheet are bot actions. As we can see, the account detail interval entered in the spreadsheet is very close and is done in large numbers.

Yes it is. There is pattern to their entry. They all are entered with same delay between them so that's how I used to pick those at the time I was managing bounties.

What we need is some sort of captcha type thing in the form to disallow any bot actions. Bad part is there isn't any. Maybe we can move to some other form providers.
legendary
Activity: 1974
Merit: 1150
April 12, 2020, 10:18:24 PM
#5
Some users have tried to report this case to the manager at the bounty thread, but there has not been any response and there have been no changes to all the cheat applications in the spreadsheet. I have checked it.

Obviously this is the managers responsibility and I hope he will immediately delete all of my account details there.

Most of the account details entered in the "Twitter Campaign" spreadsheet are bot actions. As we can see, the account detail interval entered in the spreadsheet is very close and is done in large numbers.

Some other evidence is the number of numbers in the spreadsheet has exceeded the number of applications on the thread as in the screenshot below.



hero member
Activity: 2870
Merit: 594
April 12, 2020, 08:15:12 PM
#4
Yes, as far as I can remember, this is happening way back 2018, (if you guys have been here already). Many trusted account simply found it's way to bounty hunt, LOL.

I agree that this is a campaign's manager responsibility to check the participants. And lately it seems that bounties are being used by bots again, similar to what happened in 2017.
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
April 12, 2020, 03:33:43 PM
#3
WTF  Huh Angry

If it wasn't for the screenshot spreadsheet, i wouldn't have known that my name was being used for bounty campaigns. I definitely have never applied for this bounty and i don't do them as they are worthless and don't have enough time in and out of the forum.

Looking as the spreadsheet, it seems someone has a list of specific usernames in alphabetical order and is using a bot to apply for the campaigns. Bounty Manager should have some sort of authentication to avoid such scenarios.

Look at the time stamps of application and all the applications have a hashtag before the number



and so many more

Bounty Manager needs to wake up


legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
April 12, 2020, 11:49:02 AM
#2
Lol, I faced this problem also years ago. But I don't notice anybody is doing this recently with my information Smiley I have also searched in this spreadsheet but I am disappeared there. And I have some confusion for Bitcoin_arena top of your name. Maybe he is not a bounty hunter. but not sure.

Btw you should contact to the bounty manager to remove your all details from the spreadsheet.
legendary
Activity: 1974
Merit: 1150
April 12, 2020, 09:39:25 AM
#1
What do you think about this bounty: 🔥[BOUNTY]Cowrium.net - HOT BOUNTY UP TO $750K TO SHARE 🔥
 
I found proof that my account details were used by other user to participate in the campaign. I dont think this is the first time a case like this has happened. This will obviously harm many other users who dont participate in any bounty campaign because their account details are used to cheat.



What action should be taken for cases like this and who should we blame? I hope all of us users must be careful about the activities of other users who cheat with our account details.

My account details are used on the "Twitter Campaign" with spreadsheet number 67.

Please check the spreadsheet.

For all users who read this thread, please check the spreadsheet. Your account details may also be used by other user to participate in bounty.

Thanks to Davian144 for letting me know about cheater bounty hunter involving my account details via PM.

Jump to: