Author

Topic: EgoPay servers compromised? Sending fake transactions to merchants (Read 8833 times)

newbie
Activity: 46
Merit: 0
Both egopay.com and virtex.com are now down (and probably gone forever)

If anyone has more info on the crooks behind these two sites, CEO Mantas Gustys and founder Tadas Kasputis, please post here or contact via PM. We are working on getting law enforcement to pursue the matter since they have so far not contacted any of their users with a proposal to pay us back what they stole.

The heist has already been reported to the FBI by longtime user bitboy11.
hero member
Activity: 602
Merit: 500
i guess they didnt recover from the hack and its closing time for them. LR was first and now egopay.. i wonder whos next


http://www.coindesk.com/payment-processor-egopay-confirms-hack-insider-suspected/
legendary
Activity: 2772
Merit: 2846
This is the message I get when I try to connect.

Quote
www.egopay.com - Connection failed
Error code 20
The proxy failed to connect to the web server, due to TCP connection timeout.
newbie
Activity: 46
Merit: 0
Egopay.com is down, the scammers are gone.
I had money there with them AND with their equally scammy bitcoin exchange virtex.com
sr. member
Activity: 1097
Merit: 310
Seabet.io | Crypto-Casino


I see. Thank you for info.

newbie
Activity: 46
Merit: 0
The people who created EgoPay are the same people who also went on to later create Virtex.com, which is a bitcoin exchange that has not paid out anything or allowed its users to withdraw any money for the past month.

The site is still up and it appears to be active. But those of us who are verified users (such as myself) can simply just not get our money out. Fiat withdrawals don't work and requests for BTC withdrawals are also ignored. 

sr. member
Activity: 1097
Merit: 310
Seabet.io | Crypto-Casino


Sorry what exactly is  "Egopay's Virtex.com scheme" you mentioned?


(Sorry if I sound bitter, but I am one of the many who have lost money with Egopay's Virtex.com scheme and who is still waiting for payment)
newbie
Activity: 46
Merit: 0
Indeed, there does seem to be still some SELECTIVE activity by EgoPay and Virtex. They pay their friends, and those they want to keep quiet. And somehow the worst part of the situation is that they themselves are quiet: They do not communicate to anyone what is going on. There is no way to contact them. And support requests remain unanswered.

All the hallmarks of thieves and scammers that should not be trusted. Not now, not forever.

(Sorry if I sound bitter, but I am one of the many who have lost money with Egopay's Virtex.com scheme and who is still waiting for payment)
full member
Activity: 219
Merit: 100
there seems to be no safe place
newbie
Activity: 15
Merit: 0
Goldux Admin:
Why do you still have all EgoPay Links active on your Website, are you affraid of getting nothing back, in Case, something is still around?

Or then, I imagine, you are out of problems !?

Just few words to your post. Why do you think that address or phone contact is so important? Lets take look at one example: MtGox, they did have address, phone number, physical building, and so what? Did not people lost everything there, including us? Address on website means nothing. It will not protect your money.

We will not remove EgoPay links while EgoPay is still here. Some of pending payments were completed, so there is still activity.
Once they close website down, we will permanently delete all EgoPay links. Until then we wait and see what will be the next steps of EgoPay.
newbie
Activity: 1
Merit: 0
We can confirm also the same.
It looks very suspicious now, still waiting what will happen next.
Goldux.com Admin

One single Thing, I will never understand.

How in the World would an honest Business keep it's Founds in a fully unknown Wallet, at a fully unknown Address, exept for an url, registrered to a fully unnkown, hidden, individual, With NOTHING on their Website, informing about anyting valuable or simply usable, and expecting such a place to be a trustworthy Business Partner Huh

Are you Fellows all plain Nut's or something? Or simply blind, hampered by silly Expectations of getting rich quick?

Must be a really sick World, outthere, somewhere, in the Bitcoin Territory. There is just no other way to explain such behaviour. Sorry...

Goldux Admin:
Why do you still have all EgoPay Links active on your Website, are you affraid of getting nothing back, in Case, something is still around?

Or then, I imagine, you are out of problems !?
legendary
Activity: 1470
Merit: 1004
I am a user of both EgoPay and of the bitcoin exchange Virtex.com which is also owned by Egopay founder Tadas Kasputis (who started it with fellow Lithuanians Paulius Meskauskas, Tomas Andzelis and Mantas Gustys.)

For the past ten days I've been unable to get any funds out.  Both my fiat withdrawal requests and my BTC withdrawal requests are stuck, and support staff is completely silent. However, at the moment Virtex is still active and trading: But just not paying any funds out to its victims.


Virtex.com is hacked too and they won't pay anybody...
newbie
Activity: 46
Merit: 0
I am a user of both EgoPay and of the bitcoin exchange Virtex.com which is also owned by Egopay founder Tadas Kasputis (who started it with fellow Lithuanians Paulius Meskauskas, Tomas Andzelis and Mantas Gustys.)

For the past ten days I've been unable to get any funds out.  Both my fiat withdrawal requests and my BTC withdrawal requests are stuck, and support staff is completely silent. However, at the moment Virtex is still active and trading: But just not paying any funds out to its victims.
legendary
Activity: 1470
Merit: 1004
it is confirmed. Egopay was hacked and then the owners ran with the money. they are saying that the management is changing just to earn some time.

millions are missing. very curious why only a part of their exchangers came to public until now. I think they are still hoping to get some funds back from Egopay but NO chance . Smiley
newbie
Activity: 15
Merit: 0
We can confirm also the same. Problem is that EgoPay is not responding to our emails, skype contact is offline so there is no way to contact them. What happened more is that Egopay has frozen 90% of our funds. They created new wallet 'Frozen wallet' and moved 90% of our funds into it. We cannot now spend it anymore.

It looks very suspicious now, still waiting what will happen next.

Goldux.com Admin
member
Activity: 110
Merit: 100
This is a really serious problem!
full member
Activity: 122
Merit: 100
We confirm, that EgoPay was hacked, all that wrote bitmarket.pl did happen to us as well, but as the identifications of payments were similar, our security system let through only 2 transactions and the other ones were blocked automatically. After checking we contacted EgoPay and till now have no response...

how do you confirm? i'm curious
hero member
Activity: 745
Merit: 1000
We confirm, that EgoPay was hacked, all that wrote bitmarket.pl did happen to us as well, but as the identifications of payments were similar, our security system let through only 2 transactions and the other ones were blocked automatically. After checking we contacted EgoPay and till now have no response...
newbie
Activity: 7
Merit: 0
Quote from: talk2bit
you're not alone in this situation.
I think we should unite and push EgoPay for it's shit security and get our losses recouped by EgoPay or ruin their reputation.

We are giving EgoPay another 24 hours to make appropriate amends in this situation before we go public high profile. I chatted briefly with Mr. Arthur from EgoPay on Skype this morning and I am awaiting his detailed response.

Quote from: talk2bit
I wonder how much did you lose in the end?

We would like not to disclose our losses publicly at this moment. They are not a threat to our company financial situation, but they are serious enough for us to pursue all kinds of actions if necessary.

Quote from: talk2bit
did you check each transaction in EgoPay system before commiting auto-payment to hackers?

To verify transactions we used the code in EgoPaySci.class.php which they have available for download. Their transaction server was hacked, so the transactions were reported as valid by their API server.
newbie
Activity: 1
Merit: 0
you're not alone in this situation.

I think we should unite and push EgoPay for it's shit security and get our losses recouped by EgoPay or ruin their reputation.

I wonder how much did you lose in the end?

did you check each transaction in EgoPay system before commiting auto-payment to hackers?
legendary
Activity: 1092
Merit: 1001
I was wondering when the hackers were going to hit things like Egopay, PerfectMoney, etc.
newbie
Activity: 7
Merit: 0
Now it looks like the whole EgoPay merchant callback server is down. Any attempts to verify transaction callbacks result in "404 Not Found" error from the EgoPay server. Looks like they became aware that their server has been hacked and disabled it. Still no response from their support team. This starts looking serious.
legendary
Activity: 1358
Merit: 1000
its the right place to be posting
newbie
Activity: 7
Merit: 0
I am sorry if this is a wrong forum to post this, but I couldn't find a better one. The matter is urgent and since EgoPay is one of the most popular payment methods connected with bitcoin trading, I think it is vital that the whole community is aware what is happening.

This morning we received several transaction notifications from EgoPay via merchant API. These notifications were posted from the usual IP adress of Egopay (95.211.120.119) and were verified correctly by the SCI callback to the www.egopay.com server. However, the funds from these transactions were not added to our wallet. The transactions have very similar IDs, for example ZYYYXL-CLB1B2-AB93GV and ZYYYXX-WHQJNB-E2HQ1S, which is also suspicious because normally the IDs of the transactions are very different.

It looks that someone has hacked EgoPay servers and is/was sending fake transactions to merchants. We suspect this because (a) the notifications come from the IP address of EgoPay server and (b) the transactions were verified correctly by the callback to EgoPay server.

We have double-checked everything on our side and our scripts were not compromised (which was verified by comparing checksums of all scripts). We are posting this information here for all merchants using EgoPay because this matter is very serious and we haven't heard anything from the EgoPay support team so far.

We suggest that anyone having an EgoPay account change their password immediately, and any merchant using EgoPay as a method of payment disable it until we hear the explanation from EgoPay about this incident.
Jump to: