Pages:
Author

Topic: MYCRYPTOMIXER SCAM! 13 BTC LOST USING HIS MIXER - page 5. (Read 2183 times)

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Does anyone know how to do a OP_return script under the transaction to notify whomever the owner of this wallet address that a mistake was made?
1SuggestionCreateBurnAddressDd9g8
1Send546satoshiThereAndToxxxWAVJ9
1TheAddyWith13Bitcoinxxxxxy3AjfNy
Create Burn Address to add a visible message
legendary
Activity: 3654
Merit: 8909
https://bpip.org
I am quite sure it is my account.
The receiving address is the one that needs identification :/
Does anyone know how to do a OP_return script under the transaction to notify whomever the owner of this wallet address that a mistake was made?
I am unsure how it works.

So this is no longer a scam accusation? Lock the thread. And I'm quite sure that whoever got your 13 BTC is aware of it and throwing good money after bad won't fix it.
jr. member
Activity: 39
Merit: 5
I am quite sure it is my account.
The receiving address is the one that needs identification :/
Does anyone know how to do a OP_return script under the transaction to notify whomever the owner of this wallet address that a mistake was made?
I am unsure how it works.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
Ok. Can you confirm if this address belongs to MCM?  bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk
It's strange because the fees were accurately distributed to a separate address as well.

You said in the other thread that this is your transaction:

tx id: 3157a6b04b804eaf927d93ee4e03c4a4e1ff1414840dd12105d1c55cde74a49c

https://www.blockchain.com/btc/address/38JSoBKFuAYXgvMAKsk8aHYmiMfuFS2AyA

Which sends to 38JSoBKFuAYXgvMAKsk8aHYmiMfuFS2AyA and bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk, with the latter being likely your change address, unless MCM uses some weird setup with multiple addresses of different types (I'm not familiar with the site but after a quick look I don't think that's the case). Are you sure bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk is not your own address?
jr. member
Activity: 39
Merit: 5
So, you have made or acquired over 1/2 a million USD in BTC and did not follow some basic security rules of using mixers?

You are by your own words when you made your 1st post you were "freaking out" but managed to register on the forum and make a logical coherent post in 10 minutes.
Or did you copy / paste in from a word document? Not saying it can't be done but hell when I thought I screwed up a $1500 deal last weekend it took me way longer then that to calm down and *I* had the money, not the other guy.

You have deleted at least 5 posts, if you are in the middle of a scam accusation you don't change or edit your posts without noting that.

Until you come up with more proof I am with LoyceV in opposing your flag.

-Dave



Hey I see your point. I freaked out for about 4 hours before finding this forum and writing a post about it. I noticed there were few other accusations and that’s why I wrote here.
I will note not to delete any further posts. I tend to write quickly.
Of course by losing 13 Btc I decided to act as quickly as possible, not ruminate on it without taking some sort of action.
jr. member
Activity: 39
Merit: 5
Murat! How do you know this?
hero member
Activity: 2786
Merit: 657
Want top-notch marketing for your project, Hire me
If they really scamming you, try to contact the organization where they have registered their domain.
How can we be sure if they really scam the OP when they cant provide the letter of guarantee, order ID or the unique code "myCryptoCode" which MCM the second step when mixing coin on their site. Dont you find it strange?

Ok. Can you confirm if this address belongs to MCM?  bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk
It's strange because the fees were accurately distributed to a separate address as well.

Do you (or does anyone) have any ideas how this could have happened -- this could potentially really help other users not face the same issue.
I confirm the address bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk does NOT belong to MCM.


He sent funds from that address. The receiving address is 38JSoBKFuAYXgvMAKsk8aHYmiMfuFS2AyA

someone can check if it's their address or not. I think it's their address.
It only MCM representative only or a user who has once used the address to make a deposit during the process of mixing coin on MCM can confirm if the wallet address truly belongs to MCM since they don't use a single address but most of the wallet is always p2sh .
hero member
Activity: 2156
Merit: 711
Telegram @tokensfund
Ok. Can you confirm if this address belongs to MCM?  bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk
It's strange because the fees were accurately distributed to a separate address as well.

Do you (or does anyone) have any ideas how this could have happened -- this could potentially really help other users not face the same issue.
I confirm the address bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk does NOT belong to MCM.


He sent funds from that address. The receiving address is 38JSoBKFuAYXgvMAKsk8aHYmiMfuFS2AyA

someone can check if it's their address or not. I think it's their address.
copper member
Activity: 57
Merit: 32
Ok. Can you confirm if this address belongs to MCM?  bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk
It's strange because the fees were accurately distributed to a separate address as well.

Do you (or does anyone) have any ideas how this could have happened -- this could potentially really help other users not face the same issue.
I confirm the address bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk does NOT belong to MCM.

Some recommendations to avoid situations like this:
- Always make sure you visit either HTTPS or better, Onion address. HTTP is NOT safe, especially when using Tor;
- Compare the PGP key on Tor website with HTTPS. It is very unlikely for both to be compromised;
- Save and verify Letter of Guarantee with the PGP key. It is common practice for fake websites to replace only the deposit address in LoG, making the signature invalid, but keeping the look and feel;

Those 3 steps GUARANTEE you the success. Unlike services which do not offer a LoG for technical or other reasons, MCM is obligated to process all orders.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
So, you have made or acquired over 1/2 a million USD in BTC and did not follow some basic security rules of using mixers?

You are by your own words when you made your 1st post you were "freaking out" but managed to register on the forum and make a logical coherent post in 10 minutes.
Or did you copy / paste in from a word document? Not saying it can't be done but hell when I thought I screwed up a $1500 deal last weekend it took me way longer then that to calm down and *I* had the money, not the other guy.

You have deleted at least 5 posts, if you are in the middle of a scam accusation you don't change or edit your posts without noting that.

Until you come up with more proof I am with LoyceV in opposing your flag.

-Dave
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Do you (or does anyone) have any ideas how this could have happened -- this could potentially really help other users not face the same issue.
That's easy, don't do this:
Mistakes made
  • Depositing before downloading, saving and verifying the Letter of Guarantee
  • Sending a large amount of Bitcoin to a relatively small and unknown service
  • Sending your entire Bitcoin savings at once to a third party
  • Keeping your life savings entirely in Bitcoin

Malware (did a malware search)
You should never trust a malware search for 100%. There's always the possibility of unknown malware.

Tor exit nodes (Was using Google Chrome on the main site, not onion)
As far as I understand, .onion sites can't be altered the way "normal" sites can be altered by a compromised Tor exit node.
jr. member
Activity: 39
Merit: 5
Ok. Can you confirm if this address belongs to MCM?  bc1qaamrxr0s469970e9m9tea4d9ssa7vfd7uq9cqk
It's strange because the fees were accurately distributed to a separate address as well.

Do you (or does anyone) have any ideas how this could have happened -- this could potentially really help other users not face the same issue.

Things to rule out:

Malware (did a malware search)
Cloned site (Was using PureVPN and incognito mode, very cautious of typing in the correct url: mycryptomixer.com)
Tor exit nodes (Was using Google Chrome on the main site, not onion)
Browser add ons/"computer programs" (Have none besides Adblocker and I also have sent multiple transactions within a 2 hour space and this one was the only one affected)

copper member
Activity: 57
Merit: 32
Dear @Cowboy310, here is the answer to concerns you have expressed in the posts above, including some of the posts which are now deleted or edited. I take my time with response because, besides being quite busy IRL, I can not afford to post messages and later delete them when they do not fit my narrative anymore.

> Please just reply to my email dude

I am assuming you were writing from email address which SHA256 fingerprint is: 4f545b25334cf7f0c9c903788423e31f209e858168e7d04f5ae41fc31650f7dc. I read them prior to posting the reply here. You moved the discussion to the public forum, so I answer here.

> What kind of process do you have to verify your addresses

MCM stores private keys for addresses it operates. This is necessary to make transactions. It is possible to determine the bitcoin address which belongs to private key. Using this knowledge, I can match any address against the database to see whether the address belongs to MCM or not. The private keys and the addresses operated by MCM are not disclosed, as it would compromise their anonymity.

> can you please check your logs and website on the 23rd of feb to see if you are able to find the transaction?

As I said in previous reply, the receiving address of your transaction does not belong to MCM. Bitcoin blockchain is a public ledger, unless there is another transaction you want to ask about, there is nothing more I can do.

> Its odd that you say that in this case the address does not match up because I have. not. provided it?

I based the reply on the bitcoin address you provided in the email, it's SHA256 fingerprint is: 5e5f0a9452e183c7b95ef08fe6ea2b8833bd80e7fc24f4a366c610447b4f8b7f

> I am happy to email you proof of me sending the 13 Btc

As mentioned above, bitcoin blockchain is a public ledger. I have no reasons to doubt you have made the transaction.

> I am not acting maliciously and I quite frankly am shocked that you would assume that

To my best knowledge no orders were facing issues around the time of your transfer. As per previous post, MCM gives the user a very powerful tool in form of Letter of Guarantee. It is indisputable. Earlier in the thread TryNinja sent you a direct link to the LoG of your order. According to the claims you made, the "server crashed" but you "checked the PGP".

> Perhaps you can show me a log or something to verify what you are saying

There is no log. Not only because the logs are not stored or the information were deleted. There is no log because the transaction was never tracked by MCM. MCM tracks only the transactions belonging to its own addresses.

> It's a bit strange to be that you're getting defensive here

I am not getting defensive, but answering a very serious threat to MCM reputation with very sane and down to earth arguments.

> why not just reply directly to my many emails and at least attempt to help me figure this out? I sent an email detailing what happened and find it funny that MCM is only responding in this thread and not to the email address provided on the website.

I will reply to the emails shortly with exactly the same information posted here. The information you provided or offer to provide is only sufficient to determine you made a bitcoin transaction. Had the funds landed in one of MCMs addresses and were not processed for any reason, I would contact you asking for a message signed with sender address describing where the funds should be sent. They have not.

> Has your server processed such a high amount of btc before?

Yes.

> When I processed the payment through MCM the wifi stopped working for a moment

MCM does not have the ability to control your wifi. The rest of the story matches what would have happened if you sent the funds to a malicious website. You should ALWAYS verify the LoG - not only download but also verify against the PGP key. The malicious websites oftentimes give you the LoG with the deposit address changed. Looks the same and is still signed by MCM, but the signature is invalid.

> If someone lost 13 btc through a malware on my site or a cloned version of my site I would respond to their emails at the least.

I will now answer your emails. I am prioritizing responding to the accusation on public forum. Using bitcoin means taking the security and privacy in your own hands. If the funds left your address there is nothing you or a 3rd party can do.
jr. member
Activity: 39
Merit: 5
Hey guys I've written an updated thread here: https://bitcointalksearch.org/topic/m.56439700
It's more concise and better detailed. I was really upset when writing my first post and think I may have left out important details.
jr. member
Activity: 39
Merit: 5
I am happy to email you proof of me sending the 13 Btc I am not acting maliciously and I quite frankly am shocked that you would assume that. I am literally losing my shit over this loss and really just wish to speak to you directly!! Perhaps you can show me a log or something to verify what you are saying
jr. member
Activity: 39
Merit: 5
I know we are going off faith that I sent it through correctly, but I can guarauntee it went through to your server.
I have no reason to act maliciously and I am begging for you to  please respond to my email or send me message here so I can verify the address to which the coins were sent and speak with you directly. What kind of process do you have to verify your addresses and can you please check your logs and website on the 23rd of feb to see if you are able to find the transaction?
Its odd that you say that in this case the address does not match up because I have. not. provided it?
jr. member
Activity: 39
Merit: 5
Please just reply to my email dude
legendary
Activity: 2758
Merit: 6830
Perhaps the attacker wanted to double down using the FUD created by TryNinja post, which debunked their first attempt.
I wasn't trying to FUD, though. Maybe someone turned the missunderstanding into FUD, but that wasn't my intention. We weren't aware of the order lifespan increase. Cheesy
copper member
Activity: 57
Merit: 32
There are two methods to prove a transaction:

- The Letter of Guarantee. A digitally signed proof of your transaction, which indisputably guarantees the funds sent to the deposit address are going to be transferred to specified destinations, according to the settings. Even if MCM made the mistake and lost the PKs to the deposit address, it would be forced to process the order as per LoG. It is a guarantee and a very powerful tool in user's hands.

- The address belonging to MCM. It is possible for me to confirm whether the address belongs to MCM or not. In the past there were cases when the order was not processed properly and after confirming the deposit address is owned by MCM, as well as the ownership of input address used for the transaction, I was able to return coins safely.

In this case, the address does not belong to MCM, nor the user is able to present valid Letter of Guarantee. They claim the "server crashed" when trying to download LoG, yet they have "verified the PGP" on the "secure incognito mode of google chrome" and still proceeded to send substantial sum of money nonetheless. This is at the very least very strange.

There are several attacks on MCM users I am aware of, it is possible the victim fell for one of them:
- fake websites using MCM look
- tor exit nodes changing deposit addresses and the address in LoG when accessing clearnet address through HTTP
- browser addons changing the deposit address on real website
- compute programs changing the deposit address when in clipboard

It is also possible it is the malicious actor who wants to harm MCM reputation. This concerns me especially since we just had another case when the user claimed the funds were transferred to different address. Very shortly after my explanation on how it is possible to find the outgoing transaction from MCM using the disclosed information and knowing that addresses belong to MCM, they posted the txid without demonstrating any prior technical knowledge required for such blockchain analysis. Perhaps the attacker wanted to double down using the FUD created by TryNinja post, which debunked their first attempt.
Pages:
Jump to: