Life update
The scammer has transfered the stolen ETH, just now :
You have Sent 60.747 Ether FROM the address 0x95869cee6f20f44940f8eebb2f1bd2db804c531c
The Ether(s) was sent TO the address 0xfffcc946fb6520a77a91c6c51f7938290945462f
This transaction was processed at block index 4589925 on 2017-11-20 18:31:35 (UTC)
Please see https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c for additional information.
Best Regards,
-Team Etherscan
Topic: QUANTSTAMP - Phishing during ICO - 60 ETH stolen - Bounty of 5 ETH - page 2. (Read 590 times)
November 20, 2017, 01:41:23 PM
November 20, 2017, 01:34:32 PM
The idea is to convince the scammer once that he is identified to send the ETH back to my wallet.
In return he gets his live back, and the smartcontract to a hitman is not executed.
GRTZ
In return he gets his live back, and the smartcontract to a hitman is not executed.
GRTZ
November 20, 2017, 01:17:17 PM
Dude, do you really think you could return 60 ETH somehow? It would be the best and the most expensive lesson of cyber security for you... 
November 20, 2017, 01:02:01 PM
"create erc 20 token very easy actually someone can make fake one with only need around 0.02 eth"
==> Can you refer to some doc, on how to create an erc20 token. I want to create some to see how it works.
==> Is there no KYC procedure to create an erc20 token?
GRTZ
==> Can you refer to some doc, on how to create an erc20 token. I want to create some to see how it works.
==> Is there no KYC procedure to create an erc20 token?
GRTZ
November 20, 2017, 12:54:06 PM
https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c is a fake ETH address, used by a robber
during the Quantstamp ICO of 17 November 2017
Via Phising initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c
Please join forces to reclaim all these stolen ETH!
The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phissing victims to use this FAKE address during the ICO.
I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.
If the other victims read this message please respond, so that we can increase the bounty.
The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C
Best regards
P.P.
I think that would be impossible. If i were a scammer i wouldnt let anyone have my real identity i think he uses a unique eth address for him not to be traced by anyone but still hopefull someone can still help you.
Why impossible. You can ask Vitalik to rewind his immutable blockchain back to pre hacked state. If he did before why not now?
November 20, 2017, 12:53:06 PM
Hmmm, as far that I know the use of ETH and Bitcoin is not anonymous.
Therefore we have dedicated coins, like Monero.
So one way or another I still believe that we can trace this scammer!
Maybe we need to increase the bounty? And for a student the actual 5 ETH bounty is a real good start in the crypto world.
GRTZ
Therefore we have dedicated coins, like Monero.
So one way or another I still believe that we can trace this scammer!
Maybe we need to increase the bounty? And for a student the actual 5 ETH bounty is a real good start in the crypto world.
GRTZ
November 20, 2017, 12:47:56 PM
Thank you for your response, I think that to create (false) ERC20 tokens (with no value), you need to pay, and maybe you need to register somewhere ?
I don't know yet.
I have put a trace on that wallet address to detect when he moves the 60 ETH.
If he moves these funds to an exchange he must be registred there.
It was a smart scammer, and I was a stupid guy, I know. (It was my first visit to an Telegram channel ...)
But I am sure, that there are people out there, who are more intelligent then the scammer.
GRTZ
I don't know yet.
I have put a trace on that wallet address to detect when he moves the 60 ETH.
If he moves these funds to an exchange he must be registred there.
It was a smart scammer, and I was a stupid guy, I know. (It was my first visit to an Telegram channel ...)
But I am sure, that there are people out there, who are more intelligent then the scammer.
GRTZ
create erc 20 token very easy actually someone can make fake one with only need around 0.02 eth. sorry for your lose, but next time if you want to buy an ICO token make sure check the official website first. cause you dont now that fake or not
I will explain, the atmosphere when this scam took place:
- At the last moment I decided to contribute, the ICO was already started and FOMO.
- There was a KYC procedure, so I made quick some photos of myself and my ID and toghether with my wallet address sent them to the real company.
- I needed to register for the first time to Telegram, because that whas also stated in the KYC procedure.
- After some time I tried a transaction to the real address , but that failed, because my wallet was not yet whitelisted.
- Then someone predending that he was from Quantstamp offered help ...
- He created/simulated an KYC accepted email, pointing to a fake etherscan.io address ...
I know that it is al my fault.
However, can you trace someone via his Telegram Account ? I now that I have given my Phone number during the registration at Telegram.
GRTZ
P.P.
- At the last moment I decided to contribute, the ICO was already started and FOMO.
- There was a KYC procedure, so I made quick some photos of myself and my ID and toghether with my wallet address sent them to the real company.
- I needed to register for the first time to Telegram, because that whas also stated in the KYC procedure.
- After some time I tried a transaction to the real address , but that failed, because my wallet was not yet whitelisted.
- Then someone predending that he was from Quantstamp offered help ...
- He created/simulated an KYC accepted email, pointing to a fake etherscan.io address ...
I know that it is al my fault.
However, can you trace someone via his Telegram Account ? I now that I have given my Phone number during the registration at Telegram.
GRTZ
P.P.
However trace someone via telegram is almost imposible
November 20, 2017, 12:35:43 PM
You can do nothing 
60 eth is actually nothing in this space, because of multi signature wallet contract issues, projects lose millions of dollars and they did nothing because it is impossible to do anything normally 
60 eth is actually nothing in this space, because of multi signature wallet contract issues, projects lose millions of dollars and they did nothing because it is impossible to do anything normally November 20, 2017, 12:32:33 PM
I will explain, the atmosphere when this scam took place:
- At the last moment I decided to contribute, the ICO was already started and FOMO.
- There was a KYC procedure, so I made quick some photos of myself and my ID and toghether with my wallet address sent them to the real company.
- I needed to register for the first time to Telegram, because that whas also stated in the KYC procedure.
- After some time I tried a transaction to the real address , but that failed, because my wallet was not yet whitelisted.
- Then someone predending that he was from Quantstamp offered help ...
- He created/simulated an KYC accepted email, pointing to a fake etherscan.io address ...
I know that it is al my fault.
However, can you trace someone via his Telegram Account ? I now that I have given my Phone number during the registration at Telegram.
GRTZ
P.P.
- At the last moment I decided to contribute, the ICO was already started and FOMO.
- There was a KYC procedure, so I made quick some photos of myself and my ID and toghether with my wallet address sent them to the real company.
- I needed to register for the first time to Telegram, because that whas also stated in the KYC procedure.
- After some time I tried a transaction to the real address , but that failed, because my wallet was not yet whitelisted.
- Then someone predending that he was from Quantstamp offered help ...
- He created/simulated an KYC accepted email, pointing to a fake etherscan.io address ...
I know that it is al my fault.
However, can you trace someone via his Telegram Account ? I now that I have given my Phone number during the registration at Telegram.
GRTZ
P.P.
November 20, 2017, 12:23:12 PM
Thank you for your reply.
I have also the dns name, used to create a fake URL , and his email address and email header.
And I assume that he operated from the UK, when I compare his local time of his email.
[email protected]
Domain Name: XN--QUANTTAMP-UP6D.COM
Registry Domain ID: 2187906724_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2017-11-16T16:08:40Z
Creation Date: 2017-11-16T16:08:39Z
Registry Expiry Date: 2018-11-16T16:08:39Z
Registrar: NameCheap Inc.
Registrar IANA ID: 1068
Domain Name: ETHERCSAN.IO
Registry Domain ID: D503300000054555838-LRMS
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: www.namecheap.com
Updated Date: 2017-10-29T21:30:19Z
Creation Date: 2017-10-29T21:30:17Z
Registry Expiry Date: 2018-10-29T21:30:17Z
Registrar Registration Expiration Date:
Registrar: NameCheap, Inc
Registrar IANA ID: 1068
Registrar Abuse Contact Email: [email protected]
Domain Name: PRIVATEEMAIL.COM
Registry Domain ID: 97909107_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2017-10-30T15:01:59Z
Creation Date: 2003-05-14T18:29:33Z
Registry Expiry Date: 2017-12-22T04:59:59Z
Registrar: eNom, Inc.
Registrar IANA ID: 48
I know that he used : https://privateemail.com/appsuite/ to exchange mail , seems difficult to trace.
I will send a mail to [email protected], but have seen already that you can pay there with Bitcoin...
I will report this crime also to :
https://www.ic3.gov/default.aspx
https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
I just tried also to add comment in https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c#comments
to get in contact with the other victims, but they did not approve my comment ?
GRTZ
P.P.
I have also the dns name, used to create a fake URL , and his email address and email header.
And I assume that he operated from the UK, when I compare his local time of his email.
[email protected]
Domain Name: XN--QUANTTAMP-UP6D.COM
Registry Domain ID: 2187906724_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2017-11-16T16:08:40Z
Creation Date: 2017-11-16T16:08:39Z
Registry Expiry Date: 2018-11-16T16:08:39Z
Registrar: NameCheap Inc.
Registrar IANA ID: 1068
Domain Name: ETHERCSAN.IO
Registry Domain ID: D503300000054555838-LRMS
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: www.namecheap.com
Updated Date: 2017-10-29T21:30:19Z
Creation Date: 2017-10-29T21:30:17Z
Registry Expiry Date: 2018-10-29T21:30:17Z
Registrar Registration Expiration Date:
Registrar: NameCheap, Inc
Registrar IANA ID: 1068
Registrar Abuse Contact Email: [email protected]
Domain Name: PRIVATEEMAIL.COM
Registry Domain ID: 97909107_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2017-10-30T15:01:59Z
Creation Date: 2003-05-14T18:29:33Z
Registry Expiry Date: 2017-12-22T04:59:59Z
Registrar: eNom, Inc.
Registrar IANA ID: 48
I know that he used : https://privateemail.com/appsuite/ to exchange mail , seems difficult to trace.
I will send a mail to [email protected], but have seen already that you can pay there with Bitcoin...
I will report this crime also to :
https://www.ic3.gov/default.aspx
https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
I just tried also to add comment in https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c#comments
to get in contact with the other victims, but they did not approve my comment ?
GRTZ
P.P.
November 20, 2017, 12:18:32 PM
Sorry to hear it. I don't know if it's possible to reclaim ETHs. Everyone should be extremely cautious where you click not saying contribute. In Telegram and slack there a lots of scammers waiting for that.
November 20, 2017, 12:12:38 PM
Guys, why the heck are you make contributions to some strange address instead of doing it from the main site of the project? Unfortunately I suppose it's your guilty that you have allowed to rob you.
November 20, 2017, 11:53:16 AM
Thank you for your response, I think that to create (false) ERC20 tokens (with no value), you need to pay, and maybe you need to register somewhere ?
I don't know yet.
I have put a trace on that wallet address to detect when he moves the 60 ETH.
If he moves these funds to an exchange he must be registred there.
It was a smart scammer, and I was a stupid guy, I know. (It was my first visit to an Telegram channel ...)
But I am sure, that there are people out there, who are more intelligent then the scammer.
GRTZ
I don't know yet.
I have put a trace on that wallet address to detect when he moves the 60 ETH.
If he moves these funds to an exchange he must be registred there.
It was a smart scammer, and I was a stupid guy, I know. (It was my first visit to an Telegram channel ...)
But I am sure, that there are people out there, who are more intelligent then the scammer.
GRTZ
November 20, 2017, 11:41:59 AM
https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c is a fake ETH address, used by a robber
during the Quantstamp ICO of 17 November 2017
Via Phising initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c
Please join forces to reclaim all these stolen ETH!
The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phissing victims to use this FAKE address during the ICO.
I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.
If the other victims read this message please respond, so that we can increase the bounty.
The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C
Best regards
P.P.
I think that would be impossible. If i were a scammer i wouldnt let anyone have my real identity i think he uses a unique eth address for him not to be traced by anyone but still hopefull someone can still help you.
November 20, 2017, 11:38:45 AM
https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c is a fake ETH address, used by a robber
during the Quantstamp ICO of 17 November 2017
Via Phishing initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c
Please join forces to reclaim all these stolen ETH!
The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phishing victims to use this FAKE address during the ICO.
I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.
If the other victims read this message please respond, so that we can increase the bounty.
The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C
Best regards
P.P.
during the Quantstamp ICO of 17 November 2017
Via Phishing initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c
Please join forces to reclaim all these stolen ETH!
The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phishing victims to use this FAKE address during the ICO.
I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.
If the other victims read this message please respond, so that we can increase the bounty.
The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C
Best regards
P.P.
Jump to: