Pages:
Author

Topic: Sextortion - more than 4000 BTC cashed (Read 818 times)

newbie
Activity: 26
Merit: 4
June 20, 2021, 11:50:46 AM
#65
Making a mistake is not always the result of laziness, it may simply become overwhelming at some point realistically speaking.

Or are you deeply into protocol and analytical stuff or just a hobby?

Yes, only once of 500 times at 3am in the night a little mistake and the privacy is weakened.
It started as a hobby but in the meantime I do it professional.
hero member
Activity: 1428
Merit: 538
June 18, 2021, 06:01:48 PM
#64

I see what you are saying and I know that companies like Chainalysis can go far beyond what many people think. But if you get your money into Monero and you send it a few steps ahead, maybe just divide it into a couple smaller transactions onto various Monero addresses, how are you going to identify the scammer? Isn't then the only way to crack Monero itself? I see why Bitcoin is relatively easy to trace even when mixers are used, but for as long as you are careful with hiding your IP and you are not unlucky using an infected TOR node, there is no way to really find you before any exit. Am I wrong?



If you have bitcoin on 10 addresses and you go with 6 of them into Monero with own Bitcoin and own Monero node via a decentral exchange and obfuscated IP and if you later on avoid co-spending any monero-ed address with one of the other 4 (including their children, grand children etc) then it's really difficult to trace you. But the weak point is that humans get lazy over time and the chance isn't low that you co-spend the wrong coins and then the obfuscations were a waste of time ....

Yes thank you for clarifying. I know laziness is what catches them in the end and that laziness is almost an exaggeration because staying anonymous is hard work. Lots of work documenting the different paths your coins took in order to exactly avoid what you said regarding children, grand children etc. Making a mistake is not always the result of laziness, it may simply become overwhelming at some point realistically speaking.

Or are you deeply into protocol and analytical stuff or just a hobby?
newbie
Activity: 26
Merit: 4
June 17, 2021, 01:49:09 PM
#63

I see what you are saying and I know that companies like Chainalysis can go far beyond what many people think. But if you get your money into Monero and you send it a few steps ahead, maybe just divide it into a couple smaller transactions onto various Monero addresses, how are you going to identify the scammer? Isn't then the only way to crack Monero itself? I see why Bitcoin is relatively easy to trace even when mixers are used, but for as long as you are careful with hiding your IP and you are not unlucky using an infected TOR node, there is no way to really find you before any exit. Am I wrong?



If you have bitcoin on 10 addresses and you go with 6 of them into Monero with own Bitcoin and own Monero node via a decentral exchange and obfuscated IP and if you later on avoid co-spending any monero-ed address with one of the other 4 (including their children, grand children etc) then it's really difficult to trace you. But the weak point is that humans get lazy over time and the chance isn't low that you co-spend the wrong coins and then the obfuscations were a waste of time ....
full member
Activity: 2268
Merit: 121
Enterapp Pre-Sale Live - bit.ly/3UrMCWI
June 16, 2021, 10:18:40 AM
#62
Yes, it's indeed the best to do. However, the point is that although the threats are false, since there isn't any recorded content, it's a fact scammers use something many people really do in secret, being even considered common behavior among internet male users. Maybe the victims have families and feel really embarrassed when confronted with such threats that they don't think twice before sending the money to the scammers, also because they don't want too much attention that will be inevitably caused when calling the police or involving the law towards a sensible subject like this.
when it involves our family that happened because of humiliation, of course everyone can't think long and can make mistakes that can't be controlled because they have been carried away with emotions that they actually made so that fraudsters can make us unable to think clearly

it will apply to anyone if they experience something like this, and it is very humane, especially if it involves the security forces where in some countries the laziest to deal with the security forces, because it does not solve problems but creates new problems, they understand the situation so they can commit fraud freely .
hero member
Activity: 2044
Merit: 784
Leading Crypto Sports Betting & Casino Platform
June 15, 2021, 08:20:07 PM
#61
Sometimes these sexual extortionists don’t have anything about you, it’s just threats. That’s why you shouldn’t be replying any email that you know nothing about. If an email is coming an unknown sender it’s very best that you don’t reply such mails. And this is another reason why we should mind the kind life we live and avoid sending out images that we shouldn’t.

But like I said, when you get such mails from these sexual extortionists, it’s best not to reply , you can report to the police station and a lawyer. Like I said, most of these extortionists don’t have anything on you, they are just threatening you, and if you engage them, it gets worse.
Yes, it's indeed the best to do. However, the point is that although the threats are false, since there isn't any recorded content, it's a fact scammers use something many people really do in secret, being even considered common behavior among internet male users. Maybe the victims have families and feel really embarrassed when confronted with such threats that they don't think twice before sending the money to the scammers, also because they don't want too much attention that will be inevitably caused when calling the police or involving the law towards a sensible subject like this.
hero member
Activity: 1428
Merit: 538
June 15, 2021, 07:22:27 PM
#60
But if you use a coin switching service that doesn't require KYC and you switch into Monero and from the provided address send it to another Monero address, it's over. There is no single way in the world to trace down transactions on the Monero blockchain, at least not from what we know to date.

No. While you're right that highly sophisticated transaction and mixing protocols like Monero or (Coinjoin..)mixers cannot be traced directly it can be done in the most cases indirectly. Successful scammers have to manage earlier or later a high number of addresses. E.g. if someone is doing 500 transactions and is only once or twice co-spending the wrong coins (e.g. unmixed with mixed or monero-forth-back-exchanged coins) then the house of cards collapses often.

I was able to link for this reason more than 20% of a Wasabi mixing transaction outputs to their inputs. If you think 20% is not so much then this was the success rate per single transaction. If people are doing hundreds of transactions then only a low % of scammers are able to stay untraceable over time. The scammer ripping off 307 BTC from Exmo exchange in December moved the coins for obfuscation reasons more than 300 times before he did a mistake by co-spending it with other coins. All the 300 transactions were finally a waste of time and fees.

The scammers human brain thinks two or three steps deep but the analytics software goes much deeper. E.g. scammers which move the coins in long transaction chains use manually chosen transaction amounts. They have other patterns then natural transaction chains where A is trading with B and B is buying something for crypto from C.

I see what you are saying and I know that companies like Chainalysis can go far beyond what many people think. But if you get your money into Monero and you send it a few steps ahead, maybe just divide it into a couple smaller transactions onto various Monero addresses, how are you going to identify the scammer? Isn't then the only way to crack Monero itself? I see why Bitcoin is relatively easy to trace even when mixers are used, but for as long as you are careful with hiding your IP and you are not unlucky using an infected TOR node, there is no way to really find you before any exit. Am I wrong?
newbie
Activity: 16
Merit: 0
June 07, 2021, 10:35:49 AM
#59
[quote author=BTCtester.com link=topic=5339093.msg57060985#msg57060985 date=162161978

I conclude that our police simply do not have enough experts to follow up on something like this.
[/quote]

And where an exchange touted that the bitcoins deposited in their exchange couldn't be traced, that created a disincentive for authorities to effectively recover stolen bitcoins.  Like the move to defund the police over perceived racial bias.

soy1003
member
Activity: 1162
Merit: 58
June 07, 2021, 03:19:59 AM
#58
I think the Police worldwide are not really super advance to track the slander. Wallet address can simply be track once the owner is just like us a simple person. But it the owner is knowledgeable in crypto and know deeper than the Police. They cannot track and couldn't give justice to the victim. I hope one day there will have full protection not just for them but also for us who experienced hundreds of scams.
Remember that Most of the chance wallet owner are anonymous until time comes of they need to withdraw .  meaning the funds may sit on the wallets for those long time and just wait for a chance to segregate the funds little by little.
newbie
Activity: 17
Merit: 1
June 07, 2021, 02:16:03 AM
#57
How can this actually affect the crypto market?
It won't lol
newbie
Activity: 26
Merit: 4
June 06, 2021, 04:35:21 PM
#56
But if you use a coin switching service that doesn't require KYC and you switch into Monero and from the provided address send it to another Monero address, it's over. There is no single way in the world to trace down transactions on the Monero blockchain, at least not from what we know to date.

No. While you're right that highly sophisticated transaction and mixing protocols like Monero or (Coinjoin..)mixers cannot be traced directly it can be done in the most cases indirectly. Successful scammers have to manage earlier or later a high number of addresses. E.g. if someone is doing 500 transactions and is only once or twice co-spending the wrong coins (e.g. unmixed with mixed or monero-forth-back-exchanged coins) then the house of cards collapses often.

I was able to link for this reason more than 20% of a Wasabi mixing transaction outputs to their inputs. If you think 20% is not so much then this was the success rate per single transaction. If people are doing hundreds of transactions then only a low % of scammers are able to stay untraceable over time. The scammer ripping off 307 BTC from Exmo exchange in December moved the coins for obfuscation reasons more than 300 times before he did a mistake by co-spending it with other coins. All the 300 transactions were finally a waste of time and fees.

The scammers human brain thinks two or three steps deep but the analytics software goes much deeper. E.g. scammers which move the coins in long transaction chains use manually chosen transaction amounts. They have other patterns then natural transaction chains where A is trading with B and B is buying something for crypto from C.
legendary
Activity: 2282
Merit: 1023
June 06, 2021, 04:27:29 PM
#55
I went off the subject a bit but what I started to ask is why doesn't FINCEN play wack-a-mole with every exchange accepting bitcoin ransoms or extortions if they can't provide individual identification of the perps.  Or is it a case that Russia won't comply with FINCEN requirements?  
The reason majority of the exchanges are complying with mandatory KYC is simply because they do not want to get into trouble as the authorities will mark them as aiding money laundering if they are not able to provide the necessary documents of individual wallet holders.


What's the answer?  Maybe break up the internet the way the EU is banning flights to Russia and Belarus while they support Alexander Lukashenko?  Heck many of my missing ~11.8 btc might be in Russia if reports Vinnik had a boss there who may now have much of the MtGox stolen btc as well as btc stolen from other exchanges over the years.
So you did loose your coins during the MtGox hack and it was a disaster for everyone involved in Bitcoin during that time period and hopefully we will be able to track them down even if it takes another decade  Grin.
newbie
Activity: 16
Merit: 0
June 06, 2021, 03:46:13 PM
#54
The US shutdown BTC-e in Bulgaria because they refused to comply with proof of identity FINCEN requirements and bitcoin laundering.  Vinnik was arrested in Greece by the Greeks with US authorities but held that his Russian Orthodox faith was essentially the same as Greek Orthodox and so shouldn't be held in US jails.  Don't know why, the Russian Orthodox church has a huge estate on Long Island Sound near where I lived and a church in a town a little ways away.  So, the Greeks sent him to France where he is awaiting trial.  

I went off the subject a bit but what I started to ask is why doesn't FINCEN play wack-a-mole with every exchange accepting bitcoin ransoms or extortions if they can't provide individual identification of the perps.  Or is it a case that Russia won't comply with FINCEN requirements?  What's the answer?  Maybe break up the internet the way the EU is banning flights to Russia and Belarus while they support Alexander Lukashenko?  Heck many of my missing ~11.8 btc might be in Russia if reports Vinnik had a boss there who may now have much of the MtGox stolen btc as well as btc stolen from other exchanges over the years are true.

soy1003
member
Activity: 909
Merit: 17
www.cd3d.app
June 06, 2021, 12:08:23 PM
#53
A sextortion victim received a mail to pay $1000 in bitcoin within 48h to address 1GYNGZLEUGkkQjHo19dHDnGE87WsAiGLLB otherwise, a captured intimate video of the victim is sent to all his email contacts. Can the extortionist be tracked down with only knowledge of the Bitcoin address? In this case the wanted person doesn't seem to be the brightest candle on the cake.

A free short analysis with our "Bitcoin privacy check" tool already shows the connection to a Binance client:. For less than $100 a report is available from forensicsone showing that the address sent funds to a binance deposit address.

But the amazing thing is that despite the naive approach, the extortionist was able to collect many millions of $ (more than 4,000 BTC) from thousands of people, even though Binance already demands KYC at 2 BTC and there were hundreds of criminal complaints at the police.

I conclude that our police simply do not have enough experts to follow up on something like this.

It is possible if he has a back up, I mean, he has a friend or partner that can make a transactions with kyc. Maybe he just use that wallet to claim millions of $ from his victims but he also transfer it to different wallet exchange address and also to his friends.
newbie
Activity: 16
Merit: 0
June 06, 2021, 10:30:21 AM
#52
A couple of things regarding dothebeats post.

In this age when every customer is video'd at every Walmart checkout and police simply park a car with license plate reader and video at an exit to film drivers after they've removed their facemasks, anonymity today isn't expected.  It's the world we live in today.

And with bitcoin thieves having stolen over 11.8 btc from me, I don't want crypto currency anonymity.

Sextortion: I had a compromised password.  No cellphone nor camera have been in my bedroom.  I got a one of those sextortion demands.  I ignored it.  They target those with a compromised password not those they've hacked.

soy1003

legendary
Activity: 2674
Merit: 1226
Livecasino, 20% cashback, no fuss payouts.
June 06, 2021, 09:08:41 AM
#51
Can we also make the difference between Bitcoin actually being the bad guy here?

Sextortion cases themselves I bet if you did a study, Bitcoin (and the same with ransoms) only account for less than 1% of the funds being used. But does it make it better than fiat? Also not. Does it make gold better because maybe no one uses it in sextortion? No:)
hero member
Activity: 1428
Merit: 538
June 06, 2021, 09:05:44 AM
#50
I conclude that our police simply do not have enough experts to follow up on something like this.

And that's why Chainalysis is trying to take over the space of forensic blockchain analysis. I have nothing against using their methods to catch criminals and whatnot, but it appears that some of their 'investigations' aren't really connected into some criminal activities. They literally peer into any transaction that they find interesting and connect all the dots, somehow lessening the anonymity of those people involved in the said transaction. Police intelligence divisions aren't really well versed in the said area just yet, but contracting Chainalysis and other blockchain analysis companies for forensic analyses of crimes involving cryptocurrencies isn't really good either.

But if you use a coin switching service that doesn't require KYC and you switch into Monero and from the provided address send it to another Monero address, it's over. There is no single way in the world to trace down transactions on the Monero blockchain, at least not from what we know to date.

If the criminal goes through Binance it might be easier, but still there will TOR and / or VPN involved. You just can't stop these coin switching services because they can be founded anywhere in the world. If you can't shut the website down, how are you going to stop it? Surely the risk is with the attacker that the person running the switching service steals the funds, but the attacker just goes step by step, doesn't send 4000 BTC. If they do it right, no way you catch them. That's why it's more effective to force people to prove where the money comes from if they ever cash out. I am not saying that is the solution to the problem, I am just saying that KYC won't stop (s)extortion at all.
sr. member
Activity: 1988
Merit: 453
Sometimes these sexual extortionists don’t have anything about you, it’s just threats. That’s why you shouldn’t be replying any email that you know nothing about. If an email is coming an unknown sender it’s very best that you don’t reply such mails. And this is another reason why we should mind the kind life we live and avoid sending out images that we shouldn’t.

But like I said, when you get such mails from these sexual extortionists, it’s best not to reply , you can report to the police station and a lawyer. Like I said, most of these extortionists don’t have anything on you, they are just threatening you, and if you engage them, it gets worse.

The problem is that in most cases these people have access to your intimate pictures or videos. If you ignore their emails and calls, then in all probability they will upload these videos to porn sites or social media and in turn this can cause great harm to yourself and those who are close to you. In such instances, it should be dealt intelligently. Contacting the cops is definitely the best option, but this can create issues for certain people (for example those who are involved in extra-marital affairs). 
legendary
Activity: 2044
Merit: 1075
Leading Crypto Sports Betting & Casino Platform
Sometimes these sexual extortionists don’t have anything about you, it’s just threats. That’s why you shouldn’t be replying any email that you know nothing about. If an email is coming an unknown sender it’s very best that you don’t reply such mails. And this is another reason why we should mind the kind life we live and avoid sending out images that we shouldn’t.

But like I said, when you get such mails from these sexual extortionists, it’s best not to reply , you can report to the police station and a lawyer. Like I said, most of these extortionists don’t have anything on you, they are just threatening you, and if you engage them, it gets worse.
hero member
Activity: 2856
Merit: 667
How can this actually affect the crypto market?

There's none, we have some bad and good news, it's normal.
It's the lack of regulation that makes people suffer but bitcoin will stay and will remain a potential coin good for investment.

If one is careful with browsing online and protects his/her computer or any private data, this kind of "Sextortion" will never happen.

it could happen using fiat too, so there's no big difference.
hero member
Activity: 1428
Merit: 538
I think the Police worldwide are not really super advance to track the slander. Wallet address can simply be track once the owner is just like us a simple person. But it the owner is knowledgeable in crypto and know deeper than the Police. They cannot track and couldn't give justice to the victim. I hope one day there will have full protection not just for them but also for us who experienced hundreds of scams.
This is the good part for the victims. There is no hurry to catch the scammer immediately when cashing out. The blockchain data are written in stome and the analysis can even be done in years from now. A little mistake in one of 1000 transactions and the house of cards collapse for the scammer.

If someone pulls out a scam such as this one, then we can assume that he won't be stupid enough to leave some link to his identity that can be traced. The Bitcoin wallets that are used for this extortion purpose will remain inactive for many years. And even after that, the coins will be moved using a Bitcoin mixer or will be converted to altcoins or fiat using P2P platforms which doesn't require KYC information. It is still possible to trace the perpetrators, but that is going to take a lot of effort and the law enforcement authorities won't be interested unless some high profile narcotic or terrorist linkage is there.

We have to admit that someone could pull off a scam on the back of crypto, say Monero, but at the same time we should talk about the good things that crypto enables us to have and to do.
Pages:
Jump to: