Just spotted a double-spend scam. Be wary guys!

eternalgloom

legendary

Activity: 1792

Merit: 1283

Quote from: neochiny on November 26, 2016, 02:39:53 AM

Heh. Nice. Guess he thought it was worth a try. He must think people are idiots. Who would ever fall for such a thing. lol.

And yep, always wait for confirmation, I personally require at least 4 - 6 confirms when dealing with someone and as far as I know,
only online casino can afford to accept zero confirm (for deposits since they control the withdrawals anyway).

I think there are enough people who'd still fall for it.
And also, even for online casinos it's better to wait for at least 1 confirmation to credit deposits, since you'd be able to try your luck and gamble for free if you're able to just double spend if you lose your deposit.

Playboi

full member

Activity: 187

Merit: 103

Quote from: Decoded on November 24, 2016, 05:43:40 AM

Hey guys, I was trying to sell my Karambit Doppler (Just a CSGO thing you guys), and someone approached me, offering to purchase it in

Is there somewhere on this site to read more about 'double spends'? I have never heard about it before.
What exactly is it? Unfortunately, i read through the thread and it doesn't make sense to me

iram3130

legendary

Activity: 1512

Merit: 1010

ITSMYNE 🚀 Talk NFTs, Trade NFTs 🚀

Newbies to the BTC should understand the concept of confirmations. As far as I have seen new lovers of BTC think it like a paypal transaction which is not true and you need to know the system before you start using it.
Thank you for sharing a good information.

BettorChain.com

member

Activity: 79

Merit: 10

Thank you for alerting the community of this scam attempt.
We really have to pay attention to the transaction not confirmed, they can be dangerous.

Deep In The Mines LLC

full member

Activity: 162

Merit: 100

Wise of you to wait for 1 confirmation at minimum, Steam has far too many scammers but am surprised he targeted you for Bitcoins, did you list in your Steam Profile that you trade in Bitcoins? how did he find out?

Hopefully while trying to scam he might end up failing his double spend and backfiring on him.

But damn, now am curious about how much CSGO knifes cost, you were trying to sell one for around 300 there, cosmetic in-game items have reached new price heights it seems.

ranochigo

legendary

Activity: 2954

Merit: 4158

Quote from: Pursuer on November 28, 2016, 10:43:08 AM

technically speaking (not that I am an expert

) a transaction with RBF flag is just another transaction in the mempool that miners can pick up and include in the blocks and there is nothing dictating they should not include this one or the next one based on the sequence in it.

Nodes will drop the one with the lower fee out of the mempool and the one with the higher fee will be in the mempool. If you send a transaction that can replace the previous transaction, most miners and nodes will drop the other transaction and include newer one.

Quote from: Pursuer on November 28, 2016, 10:43:08 AM

besides as you said not many nodes or even miners have implemented this.
double besides as I have said your transaction would be an special one because you can contact those two guys and tell them someone is trying to scam you by double spending and take your payment.

I was talking about CPFP. Nodes who have upgraded would have opt in RBF enabled.

Timing. How sure are you that the previous transaction will not be included in a block before the replacement transaction gets included by other miners?

Besides, they don't have to help you.

Pursuer

legendary

Activity: 1638

Merit: 1163

Where is my ring of blades...

Quote from: ranochigo on November 28, 2016, 08:35:42 AM

Quote from: Pursuer on November 28, 2016, 04:35:28 AM

this is the way to teach a lesson to scammers who double spend.
as soon as you made sure he is a scammer and had double spent the inputs you should do these before the other tx is confirmed:
1) make a CPFP transaction
2) add a big ass fee for example for this transaction of 0.45BTC since mempool was full you could include 0.001-0.005BTC
3) contact Quickseller or macbook-air and ask them to include your CPFP transaction in a block
4) give the scammer a middle finger instead of product.

The problem is that this isn't a normal transaction.

Usually, the transaction will not be replaced as long as you rebroadcast it over and over again. However, since it has a opt-in replace-by-fee flag, nodes will be able to replace this transaction. CPFP will not work in this place since the original transaction can be replaced if it is unconfirmed.

There isn't that many miners that adopts CPFP anyway.

technically speaking (not that I am an expert

) a transaction with RBF flag is just another transaction in the mempool that miners can pick up and include in the blocks and there is nothing dictating they should not include this one or the next one based on the sequence in it.

besides as you said not many nodes or even miners have implemented this.
double besides as I have said your transaction would be an special one because you can contact those two guys and tell them someone is trying to scam you by double spending and take your payment.

mace15

hero member

Activity: 1428

Merit: 506

Thanks for the information. This is a really big help
to anyone who got scam before. We should not give
an easy trust to anyone we dont know. So, this is
warning to others also.

ranochigo

legendary

Activity: 2954

Merit: 4158

Quote from: Pursuer on November 28, 2016, 04:35:28 AM

this is the way to teach a lesson to scammers who double spend.
as soon as you made sure he is a scammer and had double spent the inputs you should do these before the other tx is confirmed:
1) make a CPFP transaction
2) add a big ass fee for example for this transaction of 0.45BTC since mempool was full you could include 0.001-0.005BTC
3) contact Quickseller or macbook-air and ask them to include your CPFP transaction in a block
4) give the scammer a middle finger instead of product.

The problem is that this isn't a normal transaction.

Usually, the transaction will not be replaced as long as you rebroadcast it over and over again. However, since it has a opt-in replace-by-fee flag, nodes will be able to replace this transaction. CPFP will not work in this place since the original transaction can be replaced if it is unconfirmed.

There isn't that many miners that adopts CPFP anyway.

audaciousbeing

hero member

Activity: 1330

Merit: 569

I am happy for you that you didn't fall for the scam I had learned about this when I had tried to reverse a wrong transaction but didn't understand it until now and even don't know people can be this ingenius when it comes to doing wrong thing. But now I have understand and thank you for sharing and also debunking the myth that Bitcoin is not reversible.

Pursuer

legendary

Activity: 1638

Merit: 1163

Where is my ring of blades...

this is the way to teach a lesson to scammers who double spend.
as soon as you made sure he is a scammer and had double spent the inputs you should do these before the other tx is confirmed:
1) make a CPFP transaction
2) add a big ass fee for example for this transaction of 0.45BTC since mempool was full you could include 0.001-0.005BTC
3) contact Quickseller or macbook-air and ask them to include your CPFP transaction in a block
4) give the scammer a middle finger instead of product.

Invulner

sr. member

Activity: 266

Merit: 250

Invulner

Good that you checked the fee. 0.45 BTC would have been a heck of a loss for you or for anyone, especially when you are dealing with someone that you don't know well from a scammer-rich platform like Steam.

Anyways the safest way is to just wait for 1 conf... Stay safe.

Qartersa

hero member

Activity: 868

Merit: 535

Good thing you waited before you sent the item to him, OP. Thank you for putting this out too, this is a good warning to people dealing with this kind of deals. Bitcoin is such a complicated thing, and I never knew that sending a transaction can be canceled. All this time, I thought once you send the Bitcoins it's done and nothing we can do about it anymore.

ranochigo

legendary

Activity: 2954

Merit: 4158

Just inspected the raw transaction and I can see why this happened.

By right, it isn't this easy for someone to just send a transaction that conflicts with another transaction in the mempool and have it propagated through the network. However, the original transaction in question have a sequence that is less than 0xfffffffd and thus it flags for opt-in RBF. Bitcoin Core will not propagate transactions that have inputs listed as spent but will replace transactions that has Opt-IN RBF enabled.

Always check for fees, propagation and whether Opt-in RBF is enabled. If the transaction is of an significant amount, PLEASE wait for at least a confirmation.

neochiny

hero member

Activity: 756

Merit: 503

Crypto.games

Heh. Nice. Guess he thought it was worth a try. He must think people are idiots. Who would ever fall for such a thing. lol.

And yep, always wait for confirmation, I personally require at least 4 - 6 confirms when dealing with someone and as far as I know,
only online casino can afford to accept zero confirm (for deposits since they control the withdrawals anyway).

iamTom123

hero member

Activity: 490

Merit: 501

Quote from: X-ray on November 24, 2016, 06:26:05 AM

This is the strong reason for waiting 1 confirmation and if you had see almost all of webshop around the world which accepts bitcoin always requiring to wait until atleast 1 confirmation or even more for a transaction to be considered finish or done. and by the way see that fees sending 0.45 bitcoin with only 373 satoshi as a fee would potentially rejected by the network

Indeed, we have to wait for at least one confirmation. The system is there so there is no reason not to take advantage of that. We should always be careful when dealing with online transaction as we can not be sure if the other guy is a good customer or someone just pretending to be.

MadGamer

legendary

Activity: 1568

Merit: 1031

At least you didn't fall for the scam. If the user you was going to trade with is on the forums then you should post his profile , that way some DefaultTrust members will give him a negative trust and you should move this to scam accusation too.

X-ray

hero member

Activity: 2800

Merit: 520

Leading Crypto Sports Betting & Casino Platform

This is the strong reason for waiting 1 confirmation and if you had see almost all of webshop around the world which accepts bitcoin always requiring to wait until atleast 1 confirmation or even more for a transaction to be considered finish or done. and by the way see that fees sending 0.45 bitcoin with only 373 satoshi as a fee would potentially rejected by the network

superiorus

legendary

Activity: 1358

Merit: 1000

Bitcoiner since start, and continue to love it!

Code:

Warning! this transaction is a double spend. You should be extremely careful when trusting any transactions to/from this sender.

Well, that's why we always wait for minimum 1 confirmation ... or use a escrow.
There are over 60k unconfirmed transactions in blockchain now.
Stay safe!

Decoded

legendary

Activity: 1232

Merit: 1029

give me your cryptos

Hey guys, I was trying to sell my Karambit Doppler (Just a CSGO thing you guys), and someone approached me, offering to purchase it in bitcoin. Being the crypto-lover I am, I went through with it. He without hesitation sent first, which impressed me.

The problem was, straight away, he demanded for my knife. I told him to wait for a confirmation. Not a few seconds later, he double-spent the transaction. Knew it.

Here's my chat logs:

Code:

Never tell your password to anyone.
യRagnar★Walzerയ: hi man
Whyte: Hi
യRagnar★Walzerയ: kara
യRagnar★Walzerയ: you sell him?
Whyte: yes
യRagnar★Walzerയ: how cost?
Whyte: 140 keys
യRagnar★Walzerയ: i pay 0.43 bitcoin
യRagnar★Walzerയ: now it 316$
യRagnar★Walzerയ: I send money first, so that you are not worried!
Whyte: 0.45 and deal
യRagnar★Walzerയ: hmm
യRagnar★Walzerയ: i sec
യRagnar★Walzerയ: i check again
യRagnar★Walzerയ: ok man
Whyte: yeah
Whyte: So send 0.45 BTC to 1fdFgrw59gczh96esrpJST6MVHyQm4VJK
യRagnar★Walzerയ: As soon as I send the money, you'll send me a knife?
യRagnar★Walzerയ: You won't leave me?
യRagnar★Walzerയ is now Online.
യRagnar★Walzerയ: I'm waiting
Whyte: oh sorry
Whyte: yeah deal
യRagnar★Walzerയ: i send money
Whyte: ok
യRagnar★Walzerയ: man
യRagnar★Walzerയ: you see money?
Whyte: yes
Whyte: you see fee?
യRagnar★Walzerയ: send me knife man
Whyte: 373 satoshi
Whyte: let it confirm first :)
Whyte: Im not a bitcoin newbie you know
Whyte has changed their name to FROSTWOLF YOUVE RDMED ME TWICE.
യRagnar★Walzerയ: ok man
FROSTWOLF YOUVE RDMED ME TWICE has changed their name to WhyteWhyte.
യRagnar★Walzerയ: i wate my knife
WhyteWhyte: I'll keep rebroadcasting it anyways and ill send you a trade offer when it goes through
യRagnar★Walzerയ: ok man. i wate.and I hope you did not throw
WhyteWhyte: If I was I would have already unfriended you
WhyteWhyte: ooh nice double spend
WhyteWhyte: you're good
യRagnar★Walzerയ is now Online.
യRagnar★Walzerയ: Thanks man! Success
യRagnar★Walzerയ: %)
യRagnar★Walzerയ is now Offline.
WhyteWhyte has changed their name to Whyte.

Here's the transaction, it will probably disappear, we'll see. https://blockchain.info/tx-index/192361503

Take care guys.

Topic: Just spotted a double-spend scam. Be wary guys! (Read 1356 times)