Pages:
Author

Topic: QUANTSTAMP - Phishing during ICO - 60 ETH stolen - Bounty of 5 ETH - page 2. (Read 599 times)

newbie
Activity: 32
Merit: 0
Life update

The scammer has transfered the stolen ETH, just now :



 You have Sent 60.747 Ether FROM the address 0x95869cee6f20f44940f8eebb2f1bd2db804c531c

 The Ether(s) was sent TO the address 0xfffcc946fb6520a77a91c6c51f7938290945462f

 This transaction was processed at block index 4589925 on 2017-11-20 18:31:35 (UTC)

 Please see https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c for additional information.


 Best Regards,

 -Team Etherscan
newbie
Activity: 32
Merit: 0
The idea is to convince the scammer once that he is identified to send the ETH back to my wallet.
In return he gets his live back, and the smartcontract to a hitman is not executed.

GRTZ
legendary
Activity: 2408
Merit: 1102
Leading Crypto Sports Betting & Casino Platform
Dude, do you really think you could return 60 ETH somehow? It would be the best and the most expensive lesson of cyber security for you... Sad
newbie
Activity: 32
Merit: 0
"create erc 20 token very easy actually someone can make fake one with only need around 0.02 eth"

==> Can you refer to some doc, on how to create an erc20 token. I want to create some to see how it works.
==> Is there no KYC procedure to create an erc20 token?

GRTZ
legendary
Activity: 2744
Merit: 1288

https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c  is a fake ETH address, used by a robber
during the Quantstamp ICO of 17 November 2017

Via Phising initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c

Please join forces to reclaim all these stolen ETH!

The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phissing victims to use this FAKE address during the ICO.

I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.

If the other victims read this message please respond, so that we can increase the bounty.

The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C

Best regards

P.P.


I think that would be impossible. If i were a scammer i wouldnt let anyone have my real identity i think he uses a unique eth address for him not to be traced by anyone but still hopefull someone can still help you.

Why impossible. You can ask Vitalik to rewind his immutable blockchain back to pre hacked state. If he did before why not now?
newbie
Activity: 32
Merit: 0
Hmmm, as far that I know the use of ETH and Bitcoin is not anonymous.
Therefore we have dedicated coins, like Monero.
So one way or another I still believe that we can trace this scammer!
Maybe we need to increase the bounty? And for a student the actual 5 ETH bounty is a real good start in the crypto world.

GRTZ
full member
Activity: 462
Merit: 109
Thank you for your response, I think that to create (false) ERC20 tokens (with no value), you need to pay, and maybe you need to register somewhere ?
I don't know yet.
I have put a trace on that wallet address to detect when he moves the 60 ETH.
If he moves these funds to an exchange he must be registred there.
It was a smart scammer, and I was a stupid guy, I know. (It was my first visit to an Telegram channel ...)
But I am sure, that there are people out there, who are more intelligent then the scammer.

GRTZ


create erc 20 token very easy actually someone can make fake one with only need around 0.02 eth. sorry for your lose, but next time if you want to buy an ICO token make sure check the official website first. cause you dont now that fake or not
I will explain, the atmosphere when this scam took place:
- At the last moment I decided to contribute, the ICO was already started and FOMO.
- There was a KYC procedure, so I made quick some photos of myself and my ID and  toghether with my wallet address sent them to the real company.
- I needed to register for the first time to Telegram, because that whas also stated in the KYC procedure.
- After some time I tried a transaction to the real address , but that failed, because my wallet was not yet whitelisted.
- Then someone predending that he was from Quantstamp offered help ...
- He created/simulated an KYC accepted email, pointing to a fake etherscan.io address ...

I know that it is al my fault.

However, can you trace someone via his Telegram Account ? I now that I have given my Phone number during the registration at Telegram.

GRTZ
P.P.

However trace someone via telegram is almost imposible
full member
Activity: 406
Merit: 100
BAILOUT
You can do nothing  Cry 60 eth is actually nothing in this space, because of multi signature wallet contract issues, projects lose millions of dollars and they did nothing because it is impossible to do anything normally  Embarrassed
newbie
Activity: 32
Merit: 0
I will explain, the atmosphere when this scam took place:
- At the last moment I decided to contribute, the ICO was already started and FOMO.
- There was a KYC procedure, so I made quick some photos of myself and my ID and  toghether with my wallet address sent them to the real company.
- I needed to register for the first time to Telegram, because that whas also stated in the KYC procedure.
- After some time I tried a transaction to the real address , but that failed, because my wallet was not yet whitelisted.
- Then someone predending that he was from Quantstamp offered help ...
- He created/simulated an KYC accepted email, pointing to a fake etherscan.io address ...

I know that it is al my fault.

However, can you trace someone via his Telegram Account ? I now that I have given my Phone number during the registration at Telegram.

GRTZ
P.P.
newbie
Activity: 32
Merit: 0
Thank you for your reply.

I have also the dns name, used to create a fake URL , and his email address and email header.

And I assume that he operated from the UK, when I compare his local time of his email.

[email protected]

Domain Name: XN--QUANTTAMP-UP6D.COM
Registry Domain ID: 2187906724_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2017-11-16T16:08:40Z
Creation Date: 2017-11-16T16:08:39Z
Registry Expiry Date: 2018-11-16T16:08:39Z
Registrar: NameCheap Inc.
Registrar IANA ID: 1068


Domain Name: ETHERCSAN.IO
Registry Domain ID: D503300000054555838-LRMS
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: www.namecheap.com
Updated Date: 2017-10-29T21:30:19Z
Creation Date: 2017-10-29T21:30:17Z
Registry Expiry Date: 2018-10-29T21:30:17Z
Registrar Registration Expiration Date:
Registrar: NameCheap, Inc
Registrar IANA ID: 1068
Registrar Abuse Contact Email: [email protected]


Domain Name: PRIVATEEMAIL.COM
Registry Domain ID: 97909107_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2017-10-30T15:01:59Z
Creation Date: 2003-05-14T18:29:33Z
Registry Expiry Date: 2017-12-22T04:59:59Z
Registrar: eNom, Inc.
Registrar IANA ID: 48

I know that he used : https://privateemail.com/appsuite/ to exchange mail , seems difficult to trace.

I will send a mail to [email protected], but have seen already that you can pay there with Bitcoin...

I will report this crime also to :

https://www.ic3.gov/default.aspx
https://www.europol.europa.eu/report-a-crime/report-cybercrime-online

I just tried also to add comment in https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c#comments
to get in contact with the other victims, but they did not approve my comment ?

GRTZ
P.P.



full member
Activity: 216
Merit: 100
Sorry to hear it. I don't know if it's possible to reclaim ETHs. Everyone should be extremely cautious where you click not saying contribute. In Telegram and slack there a lots of scammers waiting for that.
legendary
Activity: 2478
Merit: 1020
Be A Digital Miner
Guys, why the heck are you make contributions to some strange address instead of doing it from the main site of the project? Unfortunately I suppose it's your guilty that you have allowed to rob you.
newbie
Activity: 32
Merit: 0
Thank you for your response, I think that to create (false) ERC20 tokens (with no value), you need to pay, and maybe you need to register somewhere ?
I don't know yet.
I have put a trace on that wallet address to detect when he moves the 60 ETH.
If he moves these funds to an exchange he must be registred there.
It was a smart scammer, and I was a stupid guy, I know. (It was my first visit to an Telegram channel ...)
But I am sure, that there are people out there, who are more intelligent then the scammer.

GRTZ
member
Activity: 68
Merit: 10

https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c  is a fake ETH address, used by a robber
during the Quantstamp ICO of 17 November 2017

Via Phising initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c

Please join forces to reclaim all these stolen ETH!

The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phissing victims to use this FAKE address during the ICO.

I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.

If the other victims read this message please respond, so that we can increase the bounty.

The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C

Best regards

P.P.


I think that would be impossible. If i were a scammer i wouldnt let anyone have my real identity i think he uses a unique eth address for him not to be traced by anyone but still hopefull someone can still help you.
newbie
Activity: 32
Merit: 0
https://etherscan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c  is a fake ETH address, used by a robber
during the Quantstamp ICO of 17 November 2017

Via Phishing initiated via the dedicated Telegram channel, myself and 8 other people were directed to this fake URL: https://ethercsan.io/address/0x95869cee6f20f44940f8eebb2f1bd2db804c531c

Please join forces to reclaim all these stolen ETH!

The scammer also created and used false ERC20 tokens, in an effort to convince the 9 Phishing victims to use this FAKE address during the ICO.

I start with a bounty of 5 ETH, for any person who can help to track the person behind this SCAM.

If the other victims read this message please respond, so that we can increase the bounty.

The real address to use during the ICO was : 0xaD41548Fa92921597Da3AE783a330396B47Cba3C

Best regards

P.P.
Pages:
Jump to: