Author

Topic: fflakmining.com scam thread (Read 245 times)

legendary
Activity: 2338
Merit: 1261
Heisenberg
April 29, 2021, 04:44:56 PM
#13
how can i fix this issue?

please guide me. thanks.
I am not even able to access the site. It's just a blank page. How did you end up getting scammed by a site that's offline?

Also, there's nothing that can be done. If you sent them money especially via crypto then forget about it. You never ever think about wasting your money with cloud mining. Almost 100% of it is just scam
newbie
Activity: 1
Merit: 0
April 27, 2021, 12:23:50 AM
#12
I'm a victim on this scam site too.

but i have another problem.

still my hardware are engaging with mining, while i never do cloud mining after being robbed with this site.

how can i fix this issue?

please guide me. thanks.
member
Activity: 203
Merit: 30
February 19, 2018, 12:22:50 AM
#11
Now there is a new facebook group that was created a couple of days after fflakmining exit scammed. They are trying to get people to send them bitcoins, saying their site was hacked and they are working on a new one. PRETTY LOW TO BE SCAMMING PEOPLE WHO WERE ALREADY SCAMMED. These low-lifes need to be hacked or worse.

https://www.facebook.com/groups/842559639247307
newbie
Activity: 1
Merit: 0
February 17, 2018, 03:56:55 AM
#10
I'm another victim...lost huge amount from my point of view Cry

Is there some sort of class action lawsuit going on?
newbie
Activity: 1
Merit: 0
January 30, 2018, 05:33:19 AM
#9
Loose 0.3 BTC on them  Embarrassed
newbie
Activity: 8
Merit: 0
January 29, 2018, 01:42:08 AM
#8
get hit too  Sad
s^3
newbie
Activity: 6
Merit: 0
January 28, 2018, 04:47:56 AM
#7
and me also Sad
newbie
Activity: 1
Merit: 0
January 28, 2018, 03:56:18 AM
#6
they got me too...  Angry
jr. member
Activity: 410
Merit: 1
January 28, 2018, 03:16:02 AM
#5
They got me too.  Angry
newbie
Activity: 7
Merit: 0
January 27, 2018, 11:55:49 PM
#4
lost 10 LTC  Embarrassed  Embarrassed  Embarrassed
member
Activity: 203
Merit: 30
January 27, 2018, 10:59:14 PM
#3
According to http://whoisrequest.com/history/ 'fflak.com' used the exact same nameservers as fflakmining.com but has been registered much longer (since 2012).

Also the fflakmining facebook shows (showed) fflak.com as their corporate web page, and fflak.com appeared as a corporate sight specializing in blockchain tech (see latest archive.org cache).

Here are the DNS records for fflak.com, look familiar?

Aug 10
Changes on that date
Removed   ns3.dnsowl.com
Removed   ns2.dnsowl.com
Removed   ns1.dnsowl.com
Added   ns3.digitalocean.com
Added   ns2.digitalocean.com
Added   ns1.digitalocean.com
Active Name Servers on that date
ns3.digitalocean.com
ns2.digitalocean.com
ns1.digitalocean.com
Aug 16
Changes on that date
Removed   ns3.digitalocean.com
Removed   ns2.digitalocean.com
Removed   ns1.digitalocean.com
Added   serena.ns.cloudflare.com
Added   chuck.ns.cloudflare.com


https://www.whoxy.com/history/fflak.com shows that this domain has been registered to the same owner since 2012.

archive.org shows this is a page for a mexican band and has a link to a facebook group. https://www.facebook.com/grupofflak

I am fairly certain our scammer is probably in one of the photos in this group assuming the domain name wasn't hacked and stolen or sold.
member
Activity: 203
Merit: 30
January 27, 2018, 06:16:39 PM
#2
This is interesting....

Domain Name: FFLAKMINING.COM
Registry Domain ID: 2154063648_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: http://www.namesilo.com
Updated Date: 2018-01-27T10:44:40Z
Creation Date: 2017-08-16T17:53:40Z
Registry Expiry Date: 2019-08-16T17:53:40Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.4805240066
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: CHUCK.NS.CLOUDFLARE.COM
Name Server: SERENA.NS.CLOUDFLARE.COM
DNSSEC: unsigned


clientHold   

This status code tells your domain's registry to not activate your domain in the DNS and as a consequence, it will not resolve. It is an uncommon status that is usually enacted during legal disputes, non-payment, or when your domain is subject to deletion.

Often, this status indicates an issue with your domain that needs resolution. If so, you should contact your registrar to resolve the issue. If your domain does not have any issues, but you need it to resolve, you must first contact your registrar and request that they remove this status code.

member
Activity: 203
Merit: 30
January 27, 2018, 04:51:55 PM
#1
Another mining scam made its exit today.

The following is info I was able to collect on their operation, and I hope this information helps anybody who got ripped off by these criminals.

The phone number given by fflak mining is the same as the phone number on this site: http://www.comptroub.com.hk/

The address listed on this site is 2/F, Dah Sing Life Bldg, 99-105 Des Voeux Road Central, Central, Hong Kong
different than given from the fflak mining site: The New World Tower, 16 Queen’s Road, Central, Hong Kong

IP history results for fflakmining.com.
==============
IP Address   Location   IP Address Owner   Last seen on this IP
104.18.37.239   United States   Cloudflare, Inc.   2018-01-27
104.18.36.239   United States   Cloudflare, Inc.   2018-01-27
167.114.213.199   Montreal - Canada   OVH Hosting, Inc.   2017-08-18
164.132.212.72   France   OVH Static IP   2017-08-18
107.161.23.204   Atlanta - United States   RamNode LLC   2017-08-18

2017
Aug 20
Changes on that date
Removed   ns3.dnsowl.com
Removed   ns2.dnsowl.com
Removed   ns1.dnsowl.com
Added   serena.ns.cloudflare.com
Added   chuck.ns.cloudflare.com

Old DNS info:
> dig fflakmining ns1.dnsowl.com A +short
198.105.244.64
198.105.254.64
198.251.84.16
173.254.242.221
185.34.216.159

> dig fflakmining.com ns1.dnsowl.com A +short
188.166.204.107 <-- this one looks interesting http://188.166.204.107
185.34.216.159
173.254.242.221
198.251.84.16

> dig fflakmining.com ns2.dnsowl.com A +short
188.166.204.107
168.235.75.52
104.143.9.16
64.32.22.100

>dig fflakmining.com ns3.dnsowl.com A +short
188.166.204.107
70.39.125.242
45.63.5.234
209.141.39.150


Other known domains/sites: fflak.com litemihub.com (all taken down at the same time as fflakmining.com)

The links in their emails lead to https://u5956394.ct.sendgrid.net

Here is some header information from an email reply I got from "Charlie" - [email protected]:

X-Originating-IP: [135.84.80.217] Authentication-Results: .....yahoo.com from=fflakmining.com; domainkeys=neutral (no sig); from=fflakmining.com; dkim=neutral (no sig) Received: from 127.0.0.1 (EHLO sender-of-o52.zoho.com) (135.84.80.217) by ...yahoo.com with SMTPS; Wed, 20 Dec 2017 16:23:11 +0000 Received: from mail.zoho.com by mx.zohomail.com with SMTP id 1513786989701737.825572623641; Wed, 20 Dec 2017 08:23:09 -0800 (PST) Date: Wed, 20 Dec 2017 14:23:09 -0200 From: Hiring FFLAKMINING [email protected]


And their vimeo account: https://vimeo.com/user72246105

Interesting links:
https://www.linkedin.com/in/fred-fischer-7a44605a/
http://business-services.scmp.com/services-directory/office-it-services/computer-troubleshooters
https://hongkong.asiaxpat.com/directory/arts-culture-education/computer-training/1c1ac0f3-6cc7-43c4-a41d-e31912d4dd16/cts-pc-support-centre/
http://www.comptroub.com.hk/contacushk.htm

Another match for the phone number in this forum thread:
https://www.kaskus.co.id/thread/000000000000000000873755/all-about-hong-kong-ii/240+&cd=12&hl=en&ct=clnk&gl=us
Here is a site mentioned in that thread: http://www.hkfix.net/en/

Further investigation shows us this is a franchise business (look at all the white people in the staff picture, pretty strange for an asian business).
https://www.technology-solved.com/


Jump to: