Topic: Massively fraudulent Escrow Transaction! (Read 1006 times)

No doubt that everyone likes simplicity but if signed message for important information was followed then this scam would not happen. I am not saying this has anything to do with you. OP is here to be blamed for not keeping his account secure. I hope this case should be used as an example of using signed bitcoin address wherever possibly we can.

I can't speak for others, but users have always seemed to appreciate my simple and straightforward approach to escrow.  My process is extremely simple and I think fair.  It should be common sense that you need to have a secure account to make trades with it.  The problem here has been identified as the user not securing their account.  Those seeking a deeper meaning or some excitement can dig into my last post on this thread.

Oh..

I didn’t realize that..
Last I knew they switched to multisig and OG was one of them..
I even merited that post.. I wonder if he was edited out of the post since I last saw it..
Idk.. My mistake either way..

And also phoneposting autocorrect mistakes edited..

It wasn't that long ago. Can you try and remember if the seller sent you a link and asked you to check out a thread for whatever reason? Why would there be a need for you to click on such a link? Try to remember the conversations you had with that person that got you tricked.

A phishing link requires you to submit your login details on the fake site. If you spoke with the seller or did some other forum activities one minute and then you were asked to log in again the next minute after getting a link from the seller, that should be something you would remember. Your computer being clean and malware-free is normal. Phishing links are not flagged as malware.

But what about your browsing history? Go through it thoroughly. If you got a link from the seller in PM, the fake site that disguises itself as Bitcointalk has got to be there. Check your browsing history for the day or days (if there were several of them) when you first started talking to the seller over PM and see if there is anything there out of the ordinary. 

Nope.

Okay, well regardless, he doesn't need Og's to hold treasury funds anymore. I do wonder why that is the case.

You mean "amateur". Okay, if that is the attitude you have then the crypto space will forever lose users over easily avoidable things. It would have taken him all of 30 seconds to send me a quick DM. You acting like that is such a big deal is exactly what the problem is. Sure, Og and his "policies" don't say that he has to do that, but it does not mean he SHOULDN'T do it.

I did not know that Og was even willing to accept the shipment, as it would force him to reveal his receiving address to the sellers. Agree, this would have been a GOOD THING TO KNOW! (Another recommendation he should have made to me to protect the security of the deal).

And yes, I agree, it is 99% my fault (assuming I got phished), but the fact Og won't even take blame to that remaining 1%, and admit that in the future he should make sure newbie users who are doing big escrow transactions use a little extra security in their deal, or at least RECOMMEND it to them. That's still, one of the primary points I am upset about. His responses to me and complete dodge of all blame is another thing that makes one wonder how deep the rabbit hole goes.

Sure, I can understand that he maybe sees this as a ploy to defame him... but my God anyone who would do that has to be pretty fkn bored. Because obviously it doesn't do any good. You all just defend him blindly without even considering the fact that he could maybe be doing more to keep this a safe and legitimate place to transact. Because as it is right now, unless you are an expert crypto -> real world item trader... and use escrow a lot... you wouldn't even know of the potential pitfalls. You wouldn't even know to use signed messages. You wouldn't even know to ask if the item could be shipped to the escrow agent. These are all things he should have like a copy/paste message he sends to every person who comes to him for escrow.

Something. Anything. The fact he's been doing it this long, let umpteen number of scams happen (NONE OF THEM HIS FAULT, SURELY)... without him so much as giving me even one word of advice during the process... Is troubling.

OG was not removed as treasurer.. OG is still a forum treasurer..
theymos just changed the way the treasury works..

It is a super amateur mistake getting your account phished..
OG shouldn’t have had to explain that elementary security precaution any more than he should have to explain to you to double check your sending address..

Deals with only messages from accounts are the norm.. Most know to keep their account secure, especially if they are relying on it for such deals..

You could have chosen many different ways of using an escrow.. You chose basic..
You could also have had OG receive the miner and then ship it to you, to make sure a miner existed.. Many do this with physical coins..

This is 99% your fault..

I’ve been scammed in crypto 2 times.. Both were my fault..
Once when I was very very new to crypto for like a $20 gift card..

The other time for one of those pet buying scams because my GF wanted a specific cat, and I was drinking and playing cards and didn’t think twice and just paid for it..
Actually I was really really an idiot and ASKED if they would take BTC because I didn’t have Venmo..
Think it was like $450.. I was a total idiot..

This sucks.. I know..
I really don’t think you should be blaming OG for it though..

Actually I’m pretty sure OG is quite suspicious here that this is a setup to scam or try to defame HIM..
Look at it from his point of view too..

Because during the time when OP was carrying out a deal with Burky155 with the said compromised account, Burky155 obviously knew what he needed to do to trick OGNasty.
If it was any random user with malicious intentions, for example, let's say I had malicious intentions. Why would I hack into BetGalaxyADM's account, tricky the escrow service provider into releasing funds into Burky155's address. What would be my end game? Nothing!

Burky155 did this because he wanted the funds released into his address

Remember when someone compromised your account? I think that's exactly what they did to OP though he is yet to provide us some evidence of how it happened.

I will be more into you got phish linked. Your account credentials were stolen from it. If you are trying to imply that OgNasty has admin access or access in the forum database to manipulate account information then I do not think anyone will believe it. OgNasty is just a forum member like rest of us. Only Theymos has the access of the forum database and admin panel, Cyrus should have it too. But no one else for sure.

I think you need to move on after all. Create a flag for burky155 which you have not yet. Users will support it. I am tagging the account.

The account that sent it to me was: dragospirvu75.

Was it from the same account? Not that it matters, just curious... Burky155?

I had someone try and phish me a short while ago so you were probably targeted too during the same time or maybe earlier. These people will usually send the links to a lot of people and whoever falls for it falls for it.

Sure, Agree, but that doesn't mean I am asking that he REQUIRES these things. Just a simple message "Hey I see you are new... I would recommend a few additional security steps if you want your deal to be truly secure. You can go forward how you have it setup currently, but it is not 100% secure the way it is being done. I just wanted to let you know that."


Agree on the 100%, I was simply stating that to make it clearly obvious that no other person other than the seller was the one with access to my account. Unless the seller himself is also the escrower... but I am not suggesting that is the case here.

And yes, that is what bothers me, that they don't take the job seriously when there are 5+ figures of funds being transferred.

And your last one... that's unfortunate =(


This is the part I don't really agree with. I think that Og has been around in escrow long enough that he has likely SEEN IT ALL. Yes I know OG is/was a treasurer for the forum. I wonder why Theymos removed him from such position. 

Yes I know it was not me (why the "by the way"? lol). I can understand why he felt like he had to release the funds. I just wish he took his job more seriously and didn't let new users to the crypto space who are making a pretty big purchase get screwed over.

A website cannot inject your computer with a keylogger (not without me actually downloading and executing a file)... It can however trick me into logging in again thinking I was on the real website. I have ran scans, malware, etc... My computer is squeaky clean and I have never in my life suffered a security issue like THIS before. That is why I am pretty sure, the only way(s):
1) I got phish linked.
2) Something even more shady happened. I won't imply where my brain goes with this. But I think you get the idea.

I am sure this is first time OgNasty experienced too or he would definitely take the route. From his part I do not see there were anything much to be done. He should not have a doubt when you (which actually was not you by the way) were telling him to release the fund twice.

OgNasty has a long history in the forum. If you are not aware then he was holding 400 BTC for the forum and successfully returned it to the admin after few years. It worth millions of dollars.

There must be some keylogger in one of those UR. You clicked it and he was logging every input from your keyboard. I suggest you reinstall the windows and use a good anti virus to avoid giving him more into.

About 100%.

Unfortunately, not many "escrows" take that job seriously while they take a considerable payment for something as simple as reading a few messages and sending one transaction.

I tried, but clearly it failed I'd offer to do it myself, but I don't want to dox myself to handle physical goods.

@BetGalaxyADM,

How did you get in contact with the seller in the first place? Did it have anything to do with OGNasty recommending them to you? Or it might be another "trusted" forum member, but could be an alt or a fellow gang member of OGNasty. I have read in the past that OGNasty had some connections (including monetary) with the administrators of this forum, that a few people find odd or got them ask questions. Maybe this is how you got hacked? I did not dig into it personally because like you I am no longer having any financial deals with anyone or any organisation promoted by this forum.

It's very reasonable that the service you pay for could afford sending one sentence saying maybe you should use PGP to sign your message, but I think you're wasting your time here. I know because I did, when I got scammed for 100k (but in a different manner, it was not about a purchase of goods). For me, it's now between the lawyers and the courts. They know that at best they'll never have to pay you or at worst they'll just have to pay what they owed you in the first place anyway. But I've never heard of anyone going to jail for it.

Bottom line, mainstream here is a bunch of thieves, exit scammers, liars.

No matter what scam happens it's either:
-The victim's fault (this was my case as well)
-When this can't be defended, like it's a large scale scam where every single person who used the platform got scammed, then it's "ok", and we should have "compassion" for the scammer, because the scammer has done some fair trades in the past: the scammer account has very little trust consequences for his account and continues to do business as usual: https://bitcointalksearch.org/topic/royse777-bitlucy-and-long-story-in-brief-5403679
-When a promoted platform is involved:
     *Either this platform is doing signature campaigns in this forum, so it's your fault, somehow you should know that scammers are everywhere.
     *Either the platform does not do signature campaigns in this forum, so it's the platform's fault, but in this case they can't help you either lol because the platform doesn't care that much.

He could have, yes. But there is another side to that story. People are generally lazy to take the longer and safer route. If OgNasty required from the two parties to sign bitcoin messages as confirmation or doing any extra work besides PM exchanges, he might lose clients because of that. If a client is lazy to do what he says, he will just find a different escrow agent that doesn't require all that extra work. That's just the way it is.

What are the odds that the guy with access to my account was also the seller? Because that is where they had the funds release to... If it was another person I would of expected they try to cancel the deal and change the refund address.. or change the shipping address for the miner.


Yes... I know... and I agree... but I also was the n00b here who hired an expert who I was hoping would offer such advice and keep the deal secure. Especially considering the amount... Isn't that something a escrow provider should at least show some effort in trying to do? If the escrowers did that, it would make this place much less of a hot bed for scammers.


Yes I know, and I will definitely do this sort of thing in the future. Again, I feel this is something the escrow expert service provider should have recommended to me. Especially considering his experience and knowledge of the amount of scamming that can happen here. It really bothers me the complete lack of care he has. You know he did not even so much as apologize for getting scammed? Didn't offer ANY advice like you all have on how to avoid this in the future... didn't show even one ounce of empathy. I will never, EVER, use his service again because of that. He could really help protect and boost his escrow business by making sure less people get scammed and more people have a good experience. Have to ask yourself, why does he not care to do that?

To clarify the bottom of your message. My scott2k account was hacked. Burky155 was posting in the goods section selling mining hardware. We had PM discussions back and forth before going to og for the escrow deal. He did send me some url's, but I unfortunately cannot go back yet and check if they were in fact phishing links, or not. I still have not got a reply to my account recovery email I sent several days ago. This is how we know it wasn't some "random" hacker... The hacker was CLEARLY burky155... because the hacker had the funds release to burky155's provided release address.

The forum account can be hacked and unfortunately you were targeted. If you both or the Trio (You, OG and Burky155) were using signed bitcoin address to communicate with each others using current date then I think this sort of damaged could be avoided.

OG in his signed message:

Burky155 in his signed message:

You in your signed message:

Whatever you do; the idea is, the important information should be digitally signed from known bitcoin address. So you do not need to trust the forum account or telegram account or any account.

I am wondering why OG and minerjones or anyone else who are offering their escrow service do not practice digitally secured signing.

This is not going in my head. The timing.

Assuming Burky155 is a hacker. How the hell he had this clear timing when BetGalaxyADM needed the mining hardware, he see and order it then hack BetGalaxyADM to confirm OG to release the fund?

I don't see any of this being the escrow's fault unless the deal was that OgNasty has to see the tracking ID personally and verify that the goods have been shipped to the correct destination. Was that the case here? If you and OgNasty didn't agree for him to verify the tracking ID, it's not his responsibility to do that.

You could have made this deal safer yourself. Some people already mentioned how.
Since you have two accounts on Bitcointalk, the deal could also have included that confirmation to release funds needs to come from both accounts. Or the forum account + any other type of confirmation like Telegram, social media, Skype, etc.   

I just checked and you are a DT2 member. I hadn't seen your feedback as it was not under trusted feedback. It looks like it has something to do with my trust network. I will try to correct it.

I rarely tag and I tagged it a while ago..
Am I not even DT2 anymore? Lol

Meanwhile, why isn't Burky155's account tagged, and perhaps a flag created yet?
I mean, by the time someone logs into the other parties account and even sends a message to the escrow provider to release the funds, then that means he's directly involved.

Or are we first waiting for him to find a new victim while all the blame goes to the escrow provider?

Or, and I am just putting it out there you account password was hacked / found out a while ago. Until you went to do a deal it was not worth doing anything with.
Kind of like when malware is dropped on a computer and the threat actor pokes around a bit finds nothing and leaves. Weeks / months later comes back in and finds a bitcoin wallet or a list of banking usernames and passwords or whatever. The user is going nuts trying to figure out what happened, what they did yesterday / last week / last month. But, in realty it's been lurking since last year.

-Dave

This will probably sound draconian but I only log in here using lynx text broswer (with only ASCII character support) so I can easily see if somebody is trying to give me a phishing login link.

Maybe your account was phished. Check your browser history for any weird looking domains like "bitcointalk.org.123456.hackers.us".

(And no, ognasty does not have forum backend access.)

This does sound like it could be the case, and if/when I get back into the scott2k account then I hopefully will be able to discover that once and for all... and of course if it is the case then I will apologize to Og for publicly insinuating that he is possibly involved in the scam (as I did a few times here, but the posts may have gotten deleted).

I am still rather upset that he as the expert professional who I paid and hired for the job... didn't provide me any sort of advice or do anything to make it even remotely difficult for the scammer to accomplish this. That is what bothers me. It shows a complete lack of caring or desire to actually do a good job. Especially with a large sum of money like that. Just willy nilly'd it away.

I have reviewed several cases similar - being granted access to all involved parties dm's - even when some were deleted by one of the involved parties (if one side is deleted but the other side kept it, then they are still there) and what is the same each time is this:

1. person being scammed receives a dm with a link that appears to be a thread in the forums
2. user receiving the dm clicks the link - gets a page that "looks" like forums and requires them to re-log in
3. at this point user has just given their pw to the scammer
4. scammer agrees to use escrow
5. scammer sends message from hacked account to escrow to release funds
6. scammer gets paid
7. user gets nothing
8. escrow gets blamed

This is not the fault of the escrow. maybe it could be solved if the escrows require a signed message from the buyer before releasing funds - for the scammer to do that would require that they also compromised the buyers private keys.

The problem here is that many users sadly use exchange accounts or dont know how to sign a message.

Ohh awesome... I thought I was going to have to download the entire bitcoin-core chain data.

And yes, already sent the email off

Thank you!

---

Message:
August 17, 2022 - BTCTalk Verification. I am scott2k / BetgalaxyADM.

Address:
bc1qk8skrwwuegucy796gmfmfc7zxy0d0pll6aysk2

Signature:
HwV8IdYdgE+Ksktqy/16fkYo/+2qBW3wLavK1qye1irgV9aBHqzj6/qArVfilQDAMQznY21Y9VofI6MPLYWBg/Y=

[moderator's note: consecutive posts merged]

Import the seed phrase in Electrum and you can sign it

And follow the steps in this thread to recover your own account https://bitcointalksearch.org/topic/recovering-hackedlost-accounts-5089777

Owning the email address the account was created on explicitly proves that I am the owner of the account that was created with it.

Good luck with your lawyer I guess..

This forum is not a hand holding forum (2FA)
It is not a lawyers or governments hand holding forum either..
If you can’t explicitly prove that account was yours, you probably aren’t getting it or anything out of it..

The users here are much more skilled at figuring out what happened than 99% of lawyers or their “experts” are anyway..

Well... I am hoping that won't be the case. (about them deleting everything... and if they have, I will ask the person who gets me access back to roll back those deletions... it should be possible... if not my lawyer will get it ).

In either case, I can prove it by sending bitcoin out of that same wallet again, that wallet clearly goes to Og and then clearly goes back out to another user.

That alone right there proves that a big transaction took place.

And also the simple fact that Og was in here already replying to me and confirming that he released the funds because the authorized account said it was alright to do so.

I am not going to post screenshots from my personal email account of the PM's we had over the past weeks during this dealing... that will reveal sensitive personal information about me that I am not going to show to the world... I will however send out a small transaction from that wallet should anyone want me to prove I own that wallet. If that's something you want me to do, just let me know. I will send it to an address I post in a post here right before doing it.

And, thanks for the advice   - every other platform where I maybe use that password has 2fa, so I'm good.  


Edit:

I will also add this, if I regain access and am able to look back at old messages and do discover that I got phish linked or something like this... I will of course come here and report that. It will make me a lot less mad at Og over it, but nothing changes with the fact that it's fairly appalling that this website doesn't have 2fa or even email check or something when connecting from a first time IP address.. just some extra layer of security... and I also would still be partly mad at Og for not being a very good escrow provider and detecting the security holes in the deal. I'm not the expert, he is. I paid him to be that expert for the transaction to go through securely. Didn't get what I paid for.

Yea you could just be stirring up shit..

Getting your account back may not help you at all because whoever has it can delete everything..

Post what you have..

This forum doesn’t offer much of anything other than a place for people to write posts.. This is not the forums fault at all.. So stop that..

Dealing like this only relying on account communication isn’t unusual and is pretty secure, because users that make big deals usually keep their account secure..
If your going to rely on the security of your account, keep your account secure..

If you want real security don’t rely on your account, rely on your keys..
Cold keys would be best..

You better change the passwords on all of your accounts..
Like right now..

So I stole my own money and am coming here just to make a stink? For what? Boredom? I mean if I made some request that OG refund me the $11,500 or something then maybe I could understand your BS claim here... but I have not once asked him to return my money... I'm not an idiot, I know that money is gone forever.

No, this is a old work account who I was a moderator for, and I had access to, to reply to support questions when they came in. My personal account is the one that got compromised, I used this account to try to quickly stop what was taking place.

I will post proof just as soon as I regain access to the account.

While I do agree now knowing what I know, the escrow deal could have have more secure terms... but isn't this exactly what I PAY FOR THE SERVICE FOR? Why didn't Og notify me "Hey, based on my expertise, this doesn't seem very secure. I recommend adding this... or that" Yeah maybe it's not his entire responsibility to do so, but it shows exactly how lazy he is at his job.... and people should know this. Part of getting a escrower is you expect them to help you to avoid such pitfalls.

And sure, we will find out if I did get phished or something, but that being said, it is still completely ludicrous that this website does not offer 2fa when it offers massive marketplace services and other things that really require account security to be strong. I think it is hard to argue this. And there is really no reason for it. It is a free service google provides and other providers provide as well... and it is usually very easy to integrate, although I admit I wouldn't know since I have no experience with this forum framework from a development standpoint.

Sure - you are right I guess we should have used more security... but my point still remains the same... the escrow agent should have detected this and atleast alerted that he felt the deal was not secure for the seller or buyer or both.

Yes I have plenty of proof, it's just only viewable in my email account. The scott2k account is locked, I have emailed to request access be granted back. Waiting to hear back, and if I get back in I will gladly prove to you that I am infact Scott2k... Og knows I am scott2k because I gave him the original shipping address in the private messages during the original dealing.

I agree... this situation needs A LOT OF EYES ON IT THANK YOU FOR POINTING THAT OUT!

“And part of the agreement was that I would verify the item was a legit, working, antminer L7”

Post proof!

Post all communications including these agreements..

Almost done reading and will have more to say momentarily..


“
And also we know it was likely the “seller” who hacked because she just simply had the funds released to the wallet that the burky155 account provided.”

BS!
You could be both the buyer and seller here..
This could be all just YOU trying to create drama and possibly scam here..
You could be the scammer here..
Nothing is certain.. Yet..

BTW I really don’t appreciate you blaming this forum and all of your 2FA posting nonsense..
You fucked up..

This escrow deal wasn’t very secure in the first place!
Any escrow deal depending on only communication from an account/account ownership is less secure than it could be..

You ALL agreed to a less than secure deal in the first place..
Less secure than possible at least..
This is very common, but not as secure as it could have been..



“Owner Of Betgalaxy.io Profit-Sharing Casino”

You own a crypto casino and don’t even know how to secure an escrow deal?
Lazy..

Very suspicious..


If you all wanted to engage in a more secure escrow transaction NONE of you should be accepting ANY communication that isn’t/wasn’t cryptographically signed with a bitcoin/crypto address or PGP..
Relying on a forum account as proof of identity is lazy.. (common with smaller deals like this, $10k is a modest sized deal but not massive)

If I was to escrow deals like this NO agreements or directions such as releases would happen without every single last critical instruction and contract all being signed every time other than blockchain proofs such as TX IDs..


OP do you have any proofs of your communications at all?


Should this be moved to scam accusations?
This situation needs many serious eyes on it..
And for all involved to stay on topic..

My email is secured with 2fa.

It is very clear to me that only my BTT account has been accessed.


And part of the agreement was that I would verify the item was a legit, working, antminer L7…. So no matter what there is a security problem, and ultimately no password is secure without 2fa of some sort.

And also we know it was likely the “seller” who hacked because she just simply had the funds released to the wallet that the burky155 account provided.

That being said, he should have known something was not right when the guy said he would ship it within 3 days…. And that he would provide tracking once shipped (as I posted requiring him to post tracking in our group chat once he had it)…. And they tracking was never given, as well as Og seeming to not pay attention and going ahead and releasing the funds…. With haste too.

---

It’s just a wallet on exodus, if you can direct me to where I can go to sign a message, gladly. I also think forum mods can confirm it via my IP address. This is what I’m hoping can be used to grant access back to my personal account.

[moderator's note: consecutive posts merged]

LOL... Did you forget that this scam accusation isn't against me, nor did I open it, or have anything to do with it.

Your narcissism is in full effect, I love it! ... Deflect, claim to be the victim, blah blah blah blah - Funny how it's just like Mr. Steel isn't it? Hmm...

The most hilarious part is you have the balls to blame me for this (and that one) in some stupid inadvertent way, knowing full well I have zero to do with anything of that shit... I mean think about it, if I did, why would I announce it to the fuckin world here lol?

Damn, ok, so if you feel like taking it to reputation, feel free to make up some more fake shit about me like usual, I'm sure the community will ignore it as always, or just shitpost it to death.

I would like to add - It's quite amazing the amount of PM's I get from people who feel the same about you but don't have the fuckin balls to say anything on the forum, for fear of a "red mark" on their account....

PS - TMAN says hello!

Make sense.

Even "OG" asked for the shipping ID to the scammer, fake ID shipping can be sent and "OG" will release the fund anyway. Since the deal, was not included a check confirmation while the buyer received the package while he opened the package as well.

---

For @OP, my speculation is your account is getting targeted hacked while you're discussing with him. You can get "redirect phising site", the scammer send you message with "bitcointalk message" and redirect you to a phising site.You put account information on the phising site, is gonna tell you a wrong information but after phishing site will redirect you to the real one. So, once you put again is gonna to be success and he got your account information.

To be honest, to make a different "I was visiting the phising site" I using "Login forever". Once, you opened bitcointalk but with condition your account is not login then should aware more could be visiting a phising site.

Now that we’re all up to speed on what this actually was, seems like the thread can be closed.

You failed to mention that you were the one that attacked me first just lately... I haven't mentioned your name in literally a year or two. I actually enjoy living in your head rent free it's kind of fun. I know it really annoys you that I'm on default trust but did you really have to try and get me kicked off the signature campaign for no reason? By the way you're the asshole not me, go back down to your basement and and keep typing shit posts for money.   Keep on scamming, it's what you do best! 🖕🖕🤣🤣


PS I love how you're some kind of amazing psychologist who can actually crystal ball things in your head... 🤣🤣🤣

https://imgur.com/i4Nros5

I was waiting for you to chime in here.  I thought it was a bit odd that suddenly an escrow drama blows up after you again start launching attacks on me.  Last time you started launching attacks on me via the trust network and posting lies there was the drama of the telegram impersonator which stopped completely once your Freudian slip of the tongue seemingly became an admission of guilt...  I wasn't going to bring up the timing of this, but it is suspect to say the least given your recent harassment and negative trust.  I have no evidence other than coincidence, but if the shoe fits...  I only hope this drama blows up enough for you to be worth the escrow fee it cost...

This should be moved to reputation so that I at least get paid for sig spam for engaging in what I believe to be manufactured forum drama.

I didn't say it was OG's fault !

Just thought it would be a good idea for OP to prove he is the owner of the scott2k account in a more credible way, not just confirming some shipping addresses that anyone who had access to his account could probably see in the PMs

This might help to find out if the account was hacked, but it's not a guarantee that scammer will get the money back. In this position, we never understand, whether the user recieved the product or pretends to. Or the fact does not received. because, the account that communicated earlier was hacked, so it's hard to accept any excuses. So, even though he signed a message, OgNasty couldn't do anything because he had already provided services according to the policy he had.

- Receive escrow money,
- Buyer confirms receiving the goods
- Escrow is released to the seller.

So, in this case, the sign message will only tell us if the account has been hacked, not to demand responsibility from OgNasty to return the money, because that is no longer possible, and this is not ognasty fault.

OP, can you please sign this message "Today is 17 Aug 2022 and I am the owned of the account scott2k" from the address you sent OG the coins ?

Either to him in a PM and he can confirm or in this thread

But considering that he uses a single address for escrow one might assume your address is https://blockchair.com/bitcoin/address/bc1qk8skrwwuegucy796gmfmfc7zxy0d0pll6aysk2

I don’t see any fault on the escrow side because your account itself is the one who confirmed that everything is good and tracking number is not required to received by escrow if the you already give the signal for a success trade. OG will never know if your account is compromised or not unless he will browse your trust record and this will only possible after the deal went successful.

You are responsible for your account security and you should enable 2FA if you are dealing with huge amount here in the forum. You should state too on the agreement that you will only allow the escrow to release funds if you have the tracking number of the parcel because it’s available since day 1 once the parcel is already book for delivery. Securing the tracking number is your responsibility and not the escrow. The escrow will just release the funds if you say so regardless if you have the tracking number or not.

Interesting but not new it happens often, when you are “online” anything can be compromised. What if it’s not BTT but your email was compromised or may be your laptop is infected with a virus? Or may be someone known to “you” who knew your password?

Og is right how would he know if it’s “you”? Once your password is compromised means scammer now have access your message too so proving a shipping address proves nothing.

Your whole point revolves around not getting any tracking number, but this too can be framed very easily. What if scammer mailed you an empty box or may be a “brick” with a valid tracking id and when it’s delivered, funds released.

I’m just trying to show you that even a tracking id would have saved you.

In short in this case you can’t blame OgNasty. You should have been vigilant before transacting such big amount.

I was going to stay out of this until I remembered this.... SO.... I'll just leave it here, and you can all decide for yourselves who is the scammiest escrow around?

https://bitcointalk.org/index.php?topic=3160695.0;all

Maybe you exchanged some personal messages with him, and you clicked on some link he sent you.
Scammers often use this tactics to steal login information from their victims, by opening phishing page and entering login details in fake login page.

Even 2FA is not perfect protection, but you could improve security by adding 2FA (not sms related) to your email address.
In forum profile settings you can modify it by visiting Account Related Settings, and enabling option to Limit IP retention, BUT there are some risks when doing this and you can lock your profile.
You can also sign a bitcoin message in forum to prove ownership of your account.
I think it's a good idea to move private conversation from forum PM to more private conversation with encrypted conversation, maybe email or other alternative.

For what it's worth, I think this applies:

A signed message from the buyer's used address or the refund one (if different) should be a MUST for any confirmation to release funds to the seller IMO. Did not use any escrow service (yet) and don't know first hand the whole process but seems to be a necessary practice if it's not already a requirement.

Waiting to see what/if Burky155 replies in this thread...

Why is the consensus (maybe not in this thread, but on the forum as a whole) that 2FA is unnecessary? OP's password could have been typed into a phishing site (as LoyceV suggested) or lifted by some clipboard malware or copied by a keylogger. Even a basic implementation of 2FA and lazy (single device) usage would have prevented any of those attack vectors from working...

I've (naively, I should know better by now) made a topic about this here: The forum needs 2FA

Very sad to hear that but that's something childish. Crypto has nothing to do with this case. It's your fault of course.

If the amount was released to the agreed address and there was a confirmation from your account, I don't think you can blame on OgNasty for this though OgNasty could have done some more investigation as an experienced escrow service provider, you can't blame him at all. It's your responsibility to secure your account.

@BetGalaxyADM, please read the forum rules, because that will help you not to break them.

---

The security features provided by the forum could definitely be better, but don't blame the lack of 2FA for what happened to you. Ask yourself how it is possible that you exposed your password in some way, and that regardless of the fact that you used a respectable escrow, you did not additionally secure the whole deal with a signed message of your BTC address.

In that case, you would have additional insurance even in case your BTT account is hacked, because the escrow would not release the funds without you confirming it with a new signed message. The chances of someone hacking your crypto wallet and stealing your private key are still negligible, right?

This is the most likely case.
OP, look at the accounts your opponent owns.


One has already been charged with fraud.
https://bitcointalk.org/index.php?action=trust;u=663730


This person most likely hacked you, OP, because his reputation suggests a dishonest person. Check all links sent by this account.
At the same time, it is not surprising that you were contacted by an account that has been in a dream for three years, although its second account lives safely on the forum.

Here's my topic on Best practices for Bitcointalk escrow providers, with links to the case where $50k was scammed.

@OP: any chance you entered your password on a phishing site? Chances are you got a link by PM before your account got hacked.

Without this, escrow provides false security. It can go wrong on so many levels if one of the parties is an innocent Newbie and the other an advanced scammer.

Yeah, and I still don't even know how my account was hacked.

I also would love to know how to keep any account secure when there is no 2FA option available.

Yes, you had the funds for nearly 3 full days... but he specifically stated it would take him UP TO 3 days just to SHIP IT... and he would LET US KNOW once shipped...

Which he never did...

I get it, you can't hold funds ransom, but you have to know that something could have gone wrong... the fact that it never appeared to have even been shipped yet...

and to release the funds to him within 40 mins of him requesting it from MY account... so fast... like cmon...

In the future, I would recommend REQUIRING a tracking # be confirmed to be provided... AND at least 2 days thereafter before any release can happen.

Because I am obviously not the only person who has had their account broken into.


And additionally, use whatever pull you have if you have any, and get the btctalk devs to add fkn 2fa... its 2022 for Christ's sake.

I held the funds for 3 days.  That's plenty of time for shipping to have occurred, especially considering they were discussing this deal for days before BTC was sent.  When they asked me to release funds I even made the buyer double confirm that everything was ok and to release funds.  It's not my place to hold onto someone's funds when they tell me twice to release them to the seller.  The release approval was from the right account.  It was being released to the prior agreed upon address.  

Keeping your account secure is important. 

1. Yes, sure. But the way my account was reset first, and then email changed... makes me think some fuckery afoot.
2. Yes, and I chose Og because I have used him for other transactions in the past. Those that weren't with a scammer though... smaller transactions as well.
3. Agree maybe I shouldn't have, but this is also one of the only places to really facilitate such trades... The platform should be more secure especially considering how common these trades take place.... and apparently how easy it is to hack a btctalk account... is there even auto-lock on too many failed attempts? Can it be attempted a million times if the guy just changes his IP address and clears cache?
4. The agreement was that after the item was shipped, and after I received it and verified it is a authentic Antminer L7 miner... I would release the funds.
5. I have gotten some replies from Og, but nothing from Burky155. I do not believe Burky155 sent the miner... because the "hacker" told Og to release the funds to Burky.. Clearly a scam took place and there is no mythical Antminer L7 in the mail on it's way to me.

---

And regarding your last question "How would I proceed from here?"

First and foremost, obviously try to get Burky155 to refund the funds or ACTUALLY send the miner (this won't happen though, we all know that). Second, course of action will be to ask my lawyer to file subpoena requests through the courts to obtain the information I need to proceed with either prosecution, or the file a lawsuit if it is deemed against regulations and/or illegal to facilitate such services without proper security systems in place.

That's where I'm at with this, and I have the resources to go as far as I want with it... and given enough subpoena's to exchanges, this website, etc to find out the true identities of these people... I will eventually get at minimum a lawsuit filed.

While I know ultimately the scammer is "at fault"... I also believe that btctalk may have a legal obligation to have some bare minimum security features if they wish to continue to facilitate marketplace services... I don't know though until I ask my lawyer tomorrow to begin investigating the laws and what I can and cannot go after.

I sure as hell am going to try.

---

Update:

Og gave me his last dm... he has now blocked me from dming him...

He said the miner could have been overnighted... lol

I tried to remind him that..

In the message with the TXID of my payment, I specifically instructed Burky155 to provide tracking information, to insure it, and signature delivery.

Burky then replied saying okay, and he would ship it in 1-3 days and would LET US KNOW when it was shipped.

That didn't happen... and he STILL released it..


And then he blocks me


Fact of the matter is... yes I screwed up, but so did OgNasty, and his complete lack of taking ANY responsibility for not following the exact guidelines of the deal... and letting a scam take place... is going to bite him.

I am going to release the hounds on this one... I don't appreciate getting a terrible service, being told that IM the one that screwed up SOLELY... and then blocking me from further communication.

No empathy. No offer of refund of his fee (measly $150, who cares anyway)... Pure assholery and smart ass responses that just lead me further to imply that he possibly is "in" on it.

I am going to utilize all of my resources to find that out, and also all of them to make sure people know to not use his escrow services, and to generally not use escrow services on a platform that has horseshit security.

Probably because they're two of the most established and trusted escrows here? That's what you requested, right?


Didn't you make a little research as to the two options provided? How did you come up with Og and not minerjones?

Also, did you not also check the background of the user you're about to do transaction with? I'm asking because burky155 was inactive for more than 3 years before suddenly coming out of nowhere selling something.


A 2FA could indeed be of help. But knowing that it doesn't have this feature, why did you proceed with the transaction? Also, what happened to you could be considered isolated. I mean, it's not everyday that an account involved in a transaction got hacked in the middle of it.


I don't think so.

Have the three of you been communicating until now? How would you proceed from here? Do you believe that user burky155 really sent the item that you bought? I guess you should communicate with him/her. If he/she indeed sent it, then no problem. If he/she didn't, then it is obvious he/she is scamming you.

Funny, the seller was only okay with using OgNasty or minerjones.

ONLY THEM.

Doesn’t that imply some sort of coordination?

---

How can I properly secure my account when this platform doesn’t even have basic (and FREE) services to do so? Like google 2fa.

And the reason the escrower should also have had a red flag was that there’s no physical way the package could have arrived to me that quickly. Not just the fact that he hadn’t given tracking info yet.

---

What I find interesting, is that the “hacker” first reset my password, and THEN changed my email address.

For those familiar with the emails you receive when those actions are done… only the reset password email has a link to lock the account, but the email change does not have this link.

So I find it curious that he changed the password first, knowing I could instantly lock the account…. And didn’t first change the email so that I wouldn’t get the follow up email that the password was changed (the one with the link to lock account).

The fact that he didn’t change email first… tells me he maybe HAD to reset my password first to get into the account at all…

What I want to know is very important and my lawyers will have a way to find out:

1) does OgNasty have any access to any backend systems that allows him to reset a password for a user? Like a support feature.

2) if so, was that backend system accessed by anyone and was my password reset via that…

---

And Og no longer will reply to me on this account... because "he doesn't even know who I am"

Even though I explained clearly that I am Scott2k and provided confidential info that only Scott2k would know (like the original shipping address).

Just avoiding the issue.

I don't blame him... I'd want to crawl in a hole too.

There was a similar case where minerjones released 50k dollars after a hacked account said so.
LoyceV post there links.

I actually find it a bit weird that in failing to secure your account, you are blaming your escrow and this forum and everybody else when it is clear that you're the one who failed to make sure that your account is safe.

Your escrow dealt with user scott2k. If user scott2k says everything's good and instructs the escrow to release fund, why should the escrow not do as instructed? You were saying that there wasn't even a tracking number. How would you know? After all, you've got no access to your account anymore. Is it not possible that user Burky155 has already sent a tracking number?

But I think you should settle this with escrow and Burky155 through private messaging.

I have DMed Og about it and he said:

"No idea who you are but we’ve never communicated. The proper account authorized release and all policies were followed. If you failed to secure your account that is hardly my fault. The release address was confirmed at the time of escrow and you approved release to it. Not sure how you think I would know your account is compromised."

I replied with

Og, how do you release the funds when no tracking information had even been provided yet!?

---

And yes, it is the scott2k account.

---

While I agree that maybe some more negotiation needed to take place... I never in a million years would expect the seller himself would be able to gain access to my account and call for the release before a tracking # was even provided... I guess I could have been a fortune teller and asked that a tracking # be provided prior to any release.... which I assumed was just standard procedure... if there is no proof provided that a item was shipped how can the transaction take place...?

How the hell does THAT happen though, how did the seller even gain access to my account... what are the odds of that? And if it is something that happens from time to time via some known hack vector or spoof link or whatever... how am I the first person this has happened to, to the point that Og didn't sense something was amiss???

---

Update:

OG basically just saying:

"It was released by the authorized account... all policies followed.."

And that it is my fault that my account wasn't "secure".

My reply to him:

While it is understandable that it ultimately comes down to my account's security...  I still WENT TO HIM because of his knowledge and expertise and likely ability to spot something that looks "off"... and make sure nothing goes wrong.

Very bad experience. And I will make sure everyone knows to be wary of escrowing with him because of his lack of attention.
And to blame it on my account' security... when escrow is being offered on a platform that DOESNT EVEN HAVE BASIC ACCOUNT SECURITY FEATURES LIKE 2FA!!!!! Which I also will make sure that my following is aware of this as well... escrow shouldn't even be fucking allowed on here without 2fa being integrated first. How the fuck does this website not have 2fa?

That in and of itself is what bothers me the most now after thinking about it. WHY IS ESCROW EVEN ALLOWED HERE WHEN ACCOUNT SECURITY CANNOT BE GUARANTEED!!!!!

Close down the marketplace until 2fa is implemented! Do SOMETHING!

I can't find the change in the seclog but I'm wondering if that was because the account was a lower rank or something (I'm assuming it's scott2k you referred to in another thread).

I think there should've been more oversight on negotiating terms before now from both sides but it may be weird OG didn't have a window (maybe a day) before releasing the funds after a confirmation from you (also was your only method of communication this forum)?

I doubt they were in on it though and you could probably come to a solution by dmming them and waiting for a response.

Hello!

I recently made a post regarding my personal account being compromised.

I have investigated what all took place! It is clear some shenanigans took place and I cant help but see how the escrower himself was not "in" on it.

1) I had a paid escrow deal for some mining hardware with user Burky155.
2) OgNasty was our escrower and he confirmed that he had received the funds (about 0.46~ btc)
3) I provided a shipping address, and my BTC refund address.
4) Burky replied after Og confirmed the payment... and said okay the shipment will be sent in 1-3 days, and he would provide tracking information.
5) This was 3 days ago... No tracking number was provided yet, but I logged in today expecting to likely see that tracking number... since we were at the 3rd day.... But this is when it said my password was incorrect.
6) I went to my email, found the password reset emails that came, and email address changed as well... at 8:36AM mountain time.
7) At 9:16 mountain time, the funds were sent from Og's wallet, to Burky155's wallet.

My questions are this:

1) How the hell did my account get hacked into... It is clear that it was coordinated with someone in the "know" and the guy went into my account, replied and said "All is good, release the funds"... when all was not good... and allowed the funds to be sent TO the original address Burky155 provided... which means that Burky himself had to of been the guy inside my account... or OG/Burky were working together??

2) Why the hell would OG release the funds??? Even if Scott2k messaged and said to release the funds.... without even getting a tracking # to verify it all? It does not make sense to me how a seasoned escrower would not sense something is amiss and wait for a tiny bit more confirmation before simply RELEASING $11,500 in bitcoin.

3) Any path to recovery? Is my evidence clear that Og was likely involved in this, or not? Because I don't understand what logical person would just release funds so quickly without so much as a tracking # even.

Ugh... I am going to quit crypto forever. This wasn't even MY money, it was for a friend who was just wanting to buy a miner.