Author

Topic: I'v been scammed... (Read 1746 times)

legendary
Activity: 1456
Merit: 1000
August 20, 2015, 01:27:23 PM
#23
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone

bro, i'm dont still using bitcoin because i'm got hacked two times, because it's so easy to hack an wallet also blockchain you watch an wallet address then you crack the private key then you'll be able to send bitcoins so easy...i'm recommended you to be not using btc because isn't an protected use paypal , skrill , pm or real money in your hands.

Oh right, bro you do realise it is more secure and protected than any of them you mention lol A fool and his money will always be parted even if they have at their disposal the best tools to protect their money. They don't use them. I have a cheap clean installed ledger wallet that I can use on your funky malware ridden computers and not a penny will ever be stolen. I have a few different paper wallets that was created offline, But, I see what you mean that isn't safe at all Wink Quick leave bitcoin, or learn to secure them and your system.

It is not easy to "hack" a bitcoin wallet " also blockchain you watch an wallet address then you crack the private key then" is kinda not even in realm of what happens.  I'm guessing you are thinking of like a CSI tv show clicking one button and a bunch of text scrolls ..... then cracked private key!

It could not be further from the truth.  The chances of getting a private key from brute force is so so very very tiny.  It just does not happen.   What happens is you get a virus/malware and then you are hacked.  It is the virus/malware and improper security settings on wallets that allow taking those coins.

Get a proper cold wallet, or hardware, or at least use 2 factor.  Hacking should not happen if done right on wallet security.
hero member
Activity: 568
Merit: 500
Smoke weed everyday!
August 20, 2015, 09:54:08 AM
#22
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone

bro, i'm dont still using bitcoin because i'm got hacked two times, because it's so easy to hack an wallet also blockchain you watch an wallet address then you crack the private key then you'll be able to send bitcoins so easy...i'm recommended you to be not using btc because isn't an protected use paypal , skrill , pm or real money in your hands.

Oh right, bro you do realise it is more secure and protected than any of them you mention lol A fool and his money will always be parted even if they have at their disposal the best tools to protect their money. They don't use them. I have a cheap clean installed ledger wallet that I can use on your funky malware ridden computers and not a penny will ever be stolen. I have a few different paper wallets that was created offline, But, I see what you mean that isn't safe at all Wink Quick leave bitcoin, or learn to secure them and your system.
newbie
Activity: 14
Merit: 0
August 20, 2015, 06:25:24 AM
#21
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone

bro, i'm dont still using bitcoin because i'm got hacked two times, because it's so easy to hack an wallet also blockchain you watch an wallet address then you crack the private key then you'll be able to send bitcoins so easy...i'm recommended you to be not using btc because isn't an protected use paypal , skrill , pm or real money in your hands.
jr. member
Activity: 32
Merit: 4
August 19, 2015, 07:02:00 AM
#20
I think the coin were here:
1Fnbq2ntFy5cvmfKLFESfVzP1vqmz61G9f

If someone can make a relacion with this btc address and an other hack...
Who knows!
newbie
Activity: 57
Merit: 0
August 19, 2015, 02:02:20 AM
#19
The IP you provided is a Tor exit node.  

[email protected] is the contact for it.  He's running Windows 7 as the server, which is strange.  Not very sophisticated setup.

Hostname: WIN-RVL0TDGKLCC



Tor exit node operators can't identify their users. That's the whole point. Don't waste his time, he'll probably just ignore your email anyway given how many clueless people (like you're recommending the OP to be) probably email him.

Nice job jumping to conclusions, brain.  At what point did I tell OP to email the guy?  I'll bet you're a politician.  Am I right? 
full member
Activity: 245
Merit: 124
August 19, 2015, 12:20:42 AM
#18
The IP you provided is a Tor exit node.  

[email protected] is the contact for it.  He's running Windows 7 as the server, which is strange.  Not very sophisticated setup.

Hostname: WIN-RVL0TDGKLCC



Tor exit node operators can't identify their users. That's the whole point. Don't waste his time, he'll probably just ignore your email anyway given how many clueless people (like you're recommending the OP to be) probably email him.
newbie
Activity: 57
Merit: 0
August 18, 2015, 10:15:16 PM
#17
The IP you provided is a Tor exit node.  

[email protected] is the contact for it.  He's running Windows 7 as the server, which is strange.  Not very sophisticated setup.

Hostname: WIN-RVL0TDGKLCC

jr. member
Activity: 32
Merit: 4
August 18, 2015, 04:56:51 PM
#16

Just one minute after, they delete it from mi email.
I have send it to localbitcoins support who said to me that:

This message was not sent from LocalBitcoins. It is a type of scam also known as a phishing attempt.

You can identify the phishing attempt by two factors:
- we do not send via via comcast.net
- we never link you to other domains then www.localbitcoins.com

But I really dont understand. This message comes from [email protected] and it link me to localbitcoin. And How could I see if it was send via comcast.net... I dont even know what is it...

Thanks all

The email was spoofed. There are ways to authenticate where the e-mail was sent from but I don't think many people use these techniques. I see many spoofed emails from Facebook, Blockchain, Google, etc etc. They use reputable names to get people to click their links.

The best way to avoid phishing is to NOT click links in emails unless you are expecting the email. For example you most likely did not submit a support ticket to LBC so why would they be sending you a reply for support ticket.

Sorry for your loss and hopefully it wasn't too much BTC

It was that. It was a fake email and I didn't see it...
Opening the source code of the mail I can see that it was send with a Oxhost server

To defend myself I've drinked a few beer when I get this email!

Was 3,5 BTC, to me a lot of money...
It's not going to happen again!

Thanks all for your answers
legendary
Activity: 1162
Merit: 1001
August 18, 2015, 01:21:38 PM
#15

Just one minute after, they delete it from mi email.
I have send it to localbitcoins support who said to me that:

This message was not sent from LocalBitcoins. It is a type of scam also known as a phishing attempt.

You can identify the phishing attempt by two factors:
- we do not send via via comcast.net
- we never link you to other domains then www.localbitcoins.com

But I really dont understand. This message comes from [email protected] and it link me to localbitcoin. And How could I see if it was send via comcast.net... I dont even know what is it...

Thanks all

The email was spoofed. There are ways to authenticate where the e-mail was sent from but I don't think many people use these techniques. I see many spoofed emails from Facebook, Blockchain, Google, etc etc. They use reputable names to get people to click their links.

The best way to avoid phishing is to NOT click links in emails unless you are expecting the email. For example you most likely did not submit a support ticket to LBC so why would they be sending you a reply for support ticket.

Sorry for your loss and hopefully it wasn't too much BTC
hero member
Activity: 490
Merit: 500
~ScapeGoat~
August 18, 2015, 10:11:40 AM
#14
I am sure it was a malware that stole Passwords and email account details related with LBC accounts.
Now you cant do anything , once the BTC is gone it is gone, only one thing you can do is to be carefull next time while downloading or opening any unknown software.
jr. member
Activity: 32
Merit: 4
August 18, 2015, 10:08:30 AM
#13
I get this email just before the hack:

:    no-reply@ (localbitcoins.com [email protected]) Vous avez déplacé ce message vers son emplacement actuel.
Envoyé :   lun. 17/08/15 01:27
À :   [email protected]
LocalBitcoins Support has opened support ticket #65104 for you.
 
To directly review and respond to this ticket, visit here:
 
https://localbitcoins.com/support/reply/65104/

Message:
 
---
 
We were unable to authenticate your account to grant access to your support ticket due to an invalid or expired confirmation code. A new code 6-letter confirmation code has just been sent. Please enter this code via the link at the top of this email. You have (2) attempts remaining.

Please review and reply to this ticket as soon as possible to help us further investigate this matter.
 
NOTE: You will not be prompted for your login credentials. You may be asked to verify a 6-letter confirmation code that will be sent to this email address to ensure that you are the original owner of this account.
 
---
 
You will get an email notification when LocalBitcoins support replies to your ticket. LocalBitcoins support works on European office hours. We will reply to you as soon as possible. LocalBitcoins support can answer to any messages in English or Spanish.
 
 
Disputed payments: https://localbitcoins.com/faq#start_dispute
 
Best regards,
Thomas
LocalBitcoins Support

Just one minute after, they delete it from mi email.
I have send it to localbitcoins support who said to me that:

This message was not sent from LocalBitcoins. It is a type of scam also known as a phishing attempt.

You can identify the phishing attempt by two factors:
- we do not send via via comcast.net
- we never link you to other domains then www.localbitcoins.com

But I really dont understand. This message comes from [email protected] and it link me to localbitcoin. And How could I see if it was send via comcast.net... I dont even know what is it...

Thanks all
full member
Activity: 239
Merit: 101
August 18, 2015, 07:57:35 AM
#12
If i had to guess its most likely you using the same username and password on different sites, probably best to mix it up with important accounts
sr. member
Activity: 500
Merit: 250
August 18, 2015, 05:43:58 AM
#11
i can help you, pm me
jr. member
Activity: 32
Merit: 4
August 18, 2015, 05:10:20 AM
#10
You're right,
Thanks for your answer.
I really like to purchase some kind of accion agains this hacker at least to prevent other lost to other member of bitcoin comunity but I konw it's seams very complicated...

hero member
Activity: 896
Merit: 1006
August 18, 2015, 04:38:20 AM
#9
Your coins are gone forever.

I know...  Sad I'ts sad but i'm trying to look at the good side of this. Now I'll try to get more secure and I hope it'll not happen again.
Some recomandation to me??

If you look at the IP information, it's from russia and it's appear a guy named: Nikolay A. Alekseev
Can we do something?

Some good advice was already given: switch to linux, setup your firewall properly, scan all binary's that didn't come from an official repo... Use a password manager to have unique pwds for every service you use, do regular updates,....

About the IP, how did you find this one? It can be the IP from a relaying node if i'm not mistaking (i'm quite new, so you might want to get a senior members opinion about this)... Even if it's really his ip, it might be an ip used by all his isp's clients??? Did he use a real name when he divulged his info AND his ip???
If you're not talking about 20+ bitcoins lost, i would't spend my time in chasing this guy, because it'll be quite hard to start a case against him in russia... You'll need somebody who speaks russian and knows about the russian legal system (a russian lawyer), costing you a lot of money...

A long time ago (around the year 2000-2002), a brazillian kid hacked one of our servers... We lost a lot of clients and cash... We found out all his info, but calculated it would cost us more to bring a 16 yo kid to "justice" in brazil than the loss we already had after his hacking... We had to leave it at that.. It stings, i know, but you have to look at the big picture when deciding to bring legal action to somebody...
jr. member
Activity: 32
Merit: 4
August 18, 2015, 04:24:03 AM
#8
Your coins are gone forever.

I know...  Sad I'ts sad but i'm trying to look at the good side of this. Now I'll try to get more secure and I hope it'll not happen again.
Some recomandation to me??

If you look at the IP information, it's from russia and it's appear a guy named: Nikolay A. Alekseev
Can we do something?
sr. member
Activity: 331
Merit: 250
August 18, 2015, 04:20:27 AM
#7
Your coins are gone forever.
jr. member
Activity: 32
Merit: 4
August 18, 2015, 04:18:45 AM
#6
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone

you should move this thread to the scam accusation subforum, you'll get a lot more helpfull response over there

This should not be moved to scam accusation as their is 0 proof to begin with and no idea who the funds went to, it is theft and I'm not sure where it could go to be honest, here, off topic of bitcoin discussion is good. Sorry to say OP that is a rap for your coin you will never see them again unless the thief feels bad and returns them.  That won't happen I have to assume you don't have antivirus so that would be your first step getting the malware from your computer and then research how to keep your machines safe in future, a good start will be changing from windows to linux or of course don't click any old link or download things without scanning first.

Thank for your answer.
Yes unfortunately I konw that I won't see my coin again but I'd like to know at least how it's happend and eventually trying to do a statment to the police of my area.

I'm not a profesional of programation but I consider myself as pretty suspisious.


jr. member
Activity: 32
Merit: 4
August 18, 2015, 04:13:04 AM
#5
My best guess would be that your pc must be compromised.

Have you done a thorough check of your computer to check for any malware or similar software?

Also, is this the transaction where your coins were moved: https://blockchain.info/tx/50647dde1b962821164bcf38b1d9a7e9d4fa364afbb741e487283c37fc22ec34


Yes I have scan my PC looking for malware and I didn't find anything...
Yes it is this transaction.

hero member
Activity: 568
Merit: 500
Smoke weed everyday!
August 18, 2015, 04:06:13 AM
#4
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone

you should move this thread to the scam accusation subforum, you'll get a lot more helpfull response over there

This should not be moved to scam accusation as their is 0 proof to begin with and no idea who the funds went to, it is theft and I'm not sure where it could go to be honest, here, off topic of bitcoin discussion is good. Sorry to say OP that is a rap for your coin you will never see them again unless the thief feels bad and returns them.  That won't happen I have to assume you don't have antivirus so that would be your first step getting the malware from your computer and then research how to keep your machines safe in future, a good start will be changing from windows to linux or of course don't click any old link or download things without scanning first.
sr. member
Activity: 336
Merit: 251
August 18, 2015, 04:02:17 AM
#3
My best guess would be that your pc must be compromised.

Have you done a thorough check of your computer to check for any malware or similar software?

Also, is this the transaction where your coins were moved: https://blockchain.info/tx/50647dde1b962821164bcf38b1d9a7e9d4fa364afbb741e487283c37fc22ec34
hero member
Activity: 896
Merit: 1006
August 18, 2015, 03:54:59 AM
#2
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone

you should move this thread to the scam accusation subforum, you'll get a lot more helpfull response over there
jr. member
Activity: 32
Merit: 4
August 18, 2015, 03:48:54 AM
#1
Hi every one,

I've just been scammed and they stole me an important (for me) sum of BTC on my localbitcoin account.
I think I have the IP who enter to my email and to my localbitcoin account: 84.53.203.38

The fund are gone on the following address: 1EVj1tv55KVpgHK3BwGxeNuyuqL4uqm3xY

I now I'm a fool for leaving an important sum of BTC in a hot wallet but I very disappointed.
I dont konw how they hacked me. Was not phishing and they got my email account passaword and my localbitcoin password to...

Anyone can help me to to do anything?

Thanks everyone
Jump to: