Topic: LTCGear.com SCAM - Enough is enough, lets get some info together - page 24. (Read 55588 times)

The news

Hi,

Some explanations:

As discovered recently, starting several months ago, a focused series of attacks were executed on computer infrastructure connecting ltcgear with its users (website, database, and various layers behind).
The attacks were at beginning masked behind legit website utilization.
The attacks results ranged from DOS (denial of service) to more serious; creating fake shares or orders, or hijacking payment addresses (both for orders and share payments).
The attacks generated issues with payments, new asic, management and multiplications.
The methods used were not public knowledge at the time attacks started.
As about perpetrators, basically they were four kinds:
A. Attackers which were interested to hijack payments (both for orders and shares) and possible other occult agenda
B. Attackers which were interested to sell cheap shares to website users or sell service of order completion for a percent of real order value
C. Users which bought means for adding themselves free shares or complete themselves orders without payment to ltcgear
D. Attackers which were simply interested in service denial (e.g. denying Friday payment by starting a service denial attack).

As about identifying class A attackers, as I already informed certain parties from community, a direct connection to database was established starting from IP 178.21.117.208 belonging to directvps.nl and address 1AeFq5RbXiY1vsRqZjcF7fVodCxXwmDcMX (along with many others) was planted in database for payments. 1AeFq5RbXiY1vsRqZjcF7fVodCxXwmDcMX aggregates large amount of coins and sends funds to address 1FsVcdeHbpvUVT3gjeuVR2ZSDnpcsJMsLL (owner can be determined with 100% certainity)
For those needing a tip, here’s an article
http://qntra.net/2014/12/virransom-the-latest-ransomware/

As about B and C type of attackers, ultimately users which benefited from such arrangements, once knowledge that they exist, were traceable.
As for example, it happened that an attacker injected in orders payment address pool a certain foreign address at a certain time, then next minute certain users came and placed big orders, all paid to foreign address until foreign address was removed, after which order frequency and value resumed regular trend.

Or there are users which placed 20 orders, but only paid one which had a previous planted foreign address. They kept generating orders waiting to see the address they knew will return coins to them.
Or simply, users were logged doing direct address injection and then paying to foreign address in order to get orders completed and shares added to account.

About D type, in case of regular DOS (DDOS or variants), it’s usually hard to get the perpetrators without help from authorities and process is long by itself.
In case of denial of service based by computer unauthorized access, attackers are easier to be identified.

As about measures to be taken; in class A, interested third parties were alerted.
As about B and C users, it was very uncomfortable to discover this sort behaviour, unauthorized computer access and modifications are very serious offences in all civilized world. It was even more uncomfortable to find some of this users pushing to get paid for their illegitimate shares via social engineering forums (forums were also used to sell and buy illegitimate shares or means to get them), e-mail or other public interfaces.
For the moment there is no final decisions, the measures will range from private actions to publishing list of users and alerting local authorities.
As for type D, the infrastructure will be fixed to mitigate those sorts of attacks.

As a note, there were attacks which moved beyond public infrastructure, but for the moment this won’t be detailed.

About legit payments

First of all, there was no way to perform payments once it was discovered that fake shares and orders were present in database (and backups) before database was cleaned.
Soon it was discovered, that there is no way to continue to pay weekly since the D class attacks simply interrupted each attempt of payment in December and January by generating various types of DOS.
The payments were moved to user balance and withdraw on demand. At this moment the payments are functional for a percent of users and will become functional gradually for entire database of legit users.
And one last thing it was no way to quantize and implement with database corrupted, shares have attached a maintenance tax which is paid “at the end of the year”. We are in the new year already so users will also find attached to account tax value and means to pay it.

The new ASIC

The new ASIC delivery date is now moved to February based on delays and issues induced by attackers.

Kind Regards,
Chris

but calm them down for what? no one is buying shares at ltcgear....at least not in volume to matter.

so why waste the time to bring back site?

if you were going to run; you'd just have run by now...don't bother w/covering his tracks; too late for that. if he's left a trail; stalling for a few weeks wouldn't do any good.

Pretty sure the "announcement" we're waiting for is going to be another long delay.

Hope I'm wrong but I'm still leaning towards the scam view at this point. He's done enough updates to calm the majority of the crowd down for another few weeks probably, which was worth a couple hours work on Friday.

So has ltcgear paid yet?

what progress mate ?

their progress is only to change ETA date at the website

So far it looks as he's making quite the progress today.

So far it looks as he's making quite the progress today.

Ah, I forgot, people in Cryptos are typically so passive, they blame the victim instead of putting big boy pants on and going after the issue. Not saying this is a scam or anything else at this point, but so very sick of people just letting people walk all over them because they lack the drive to go after the scammers.

It may be buyer beware, but the more people that hold projects accountable for their actions, the more the entire community will benefit.

Filling complaints for what?  Being stupid enough to complain when you knowingly bought into something that sounds too good to be true?  Good luck with that one "Hero".

Here are some screen shots if anyone needs them for filing complaints against LTCgear. If you have older ones, please post them.




Paypal is of no hep with this. LTCgear stopped accepting paypal days before Paypal changed their TOS (11/17/2014) from 60 45 days to file a dispute to 180 days to file a dispute. Still no real contact information either from Paypal.

New server is on 1&1 :-)

Tracing route to 74.208.123.208
 
1   0 ms   ipv4-gtw.misk.com [208.43.97.209]
2   0 ms   ae11.dar02.sr01.wdc01.networklayer.com [208.43.118.137]
3   0 ms   ae9.bbr01.eq01.wdc02.networklayer.com [173.192.18.202]
4   26 ms   equinix.dc2.ash.oneandone.net [206.126.236.200]
5   31 ms   te-1-2.bb-c.bry.dal.us.oneandone.net [74.208.1.78]
6   54 ms   te-1-8.bb-c.slr.lxa.us.oneandone.net [74.208.1.77]
7   42 ms   ae-10.gw-distp-a.slr.lxa.us.oneandone.net [74.208.1.101]
8   43 ms   ae-1.gw-prtr-r5-2a.slr.lxa.us.oneandone.net [74.208.1.170]
9   *   *
10   43 ms   [74.208.123.208]
 
Trace Complete