Pages:
Author

Topic: Stuck Transactions since Feb 18, 2023 and all solutions failed (Read 221 times)

newbie
Activity: 14
Merit: 0
@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?
It's a tracer, You will see it at the top of your dashboard once you sign up. Just like a block explorer, the tool is free if you know what to do. But OP can create a bounty in the platform and other people will do the tracing for him in exchange for an incentive (paid in ARKM tokens)

Alternatively, he can try other contacting other blockchain analysis services like Chainlysis at a price.

it's a good idea i'll told him about bounty on the scammer
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?
It's a tracer, You will see it at the top of your dashboard once you sign up. Just like a block explorer, the tool is free if you know what to do. But OP can create a bounty in the platform and other people will do the tracing for him in exchange for an incentive (paid in ARKM tokens)

Alternatively, he can try other contacting other blockchain analysis services like Chainlysis at a price.
newbie
Activity: 14
Merit: 0
yes 500,000 dollars in total

Don't say you your client accepted a bunch of unconfirmed transactions worth $500k without some basic Bitcoin transaction knowledge (and RBF in particular which basically allows arbitrary redirection of coins to other destination address(es) for RBF enabled unconfirmed transactions).
Of course does a replacement transaction invalidate its predecessor transaction which the blockchain.com explorer only half-heartedly indicates (I guess the malicious actor used the blockchain.com explorer on purpose).

The likely perpetrator could've pretended to "send you your client" a sum of coins worth $500k with much much less of that amount because he reused a lower amount of coins again and again and again. It seems you someone took the bait.

@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?


my client is too old i think he is above 70 years old and the threat actor was telling him all that months that the problem is from his account (my client account)
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
yes 500,000 dollars in total

Don't say you your client accepted a bunch of unconfirmed transactions worth $500k without some basic Bitcoin transaction knowledge (and RBF in particular which basically allows arbitrary redirection of coins to other destination address(es) for RBF enabled unconfirmed transactions).
Of course does a replacement transaction invalidate its predecessor transaction which the blockchain.com explorer only half-heartedly indicates (I guess the malicious actor used the blockchain.com explorer on purpose).

The likely perpetrator could've pretended to "send you your client" a sum of coins worth $500k with much much less of that amount because he reused a lower amount of coins again and again and again. It seems you someone took the bait.

@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?
newbie
Activity: 14
Merit: 0
there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used
If your client can afford to use one of those crypto tracing services, then I suggest he uses them to trace the last known address of that scammer
I just did a quick look through using Arkham and after along trail, I ended up with two address, One depositing to a remitano address and the other to a Binance address.

This is a screenshot of part of the trail

Please hire an expert.

https://talkimg.com/images/2023/11/06/tjAXo.png

any recommendations for hiring an expert like contact or website
newbie
Activity: 14
Merit: 0
there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used
If your client can afford to use one of those crypto tracing services, then I suggest he uses them to trace the last known address of that scammer
I just did a quick look through using Arkham and after along trail, I ended up with two address, One depositing to a remitano address and the other to a Binance address.

This is a screenshot of part of the trail

Please hire an expert.

https://talkimg.com/images/2023/11/06/tjAXo.png

what should i search for at Arkham to get the same results you got
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used
If your client can afford to use one of those crypto tracing services, then I suggest he uses them to trace the last known address of that scammer
I just did a quick look through using Arkham and after along trail, I ended up with two address, One depositing to a remitano address and the other to a Binance address.

This is a screenshot of part of the trail

Please hire an expert.

newbie
Activity: 14
Merit: 0
There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

Such a chain of transactions in a short time frame which move coins from just 1 input to 1 output is barely hiding anything. For such a 1 input to 1 output transaction without using any change address there's quite some likelyhood that both input and output belong to the same individual. Such a simple coin movement chain just wastes coins in fees and only hides something for bitcoin noobs.


How did you end up in this situation, was the “client” trying to pay you for some goods or services?

That sparked my interest, too, as I came to the same conclusion as hosseinimr93 in his post
...

I immediately saw that the Tx 54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 had RBF enabled and a very low transaction fee to keep the transaction as long as possible unconfirmed. This screamed for a later replacement transaction by the scammer that denied the coins for the OP. It's likely that the malicious individual did this trick multiple times, maybe even with the OP as when you follow the chain of transactions this actor topped up coins and likely did the RBF trick multiple times (I didn't analyse it 'til the end, gave up after some lengthy chain of transactions over multiple days).

the client didn't share with me that much details about what he was paying for or what was happening exactly

holy shitttt
newbie
Activity: 14
Merit: 0
so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?
You are right.
The scammer replaced the transaction that had been made to you with a new one and the address which received the fund in the replacement transaction is probably owned by the scammer.

so how i can find the address that the scammer add to get the coins?
As stated by Bitcoin_Arena, the fund was moved between many other addresses to make tracing the fund difficult.


there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used
500,000 dollars?


yes 500,000 dollars in total
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

Such a chain of transactions in a short time frame which move coins from just 1 input to 1 output is barely hiding anything. For such a 1 input to 1 output transaction without using any change address there's quite some likelyhood that both input and output belong to the same individual. Such a simple coin movement chain just wastes coins in fees and only hides something for bitcoin noobs.


How did you end up in this situation, was the “client” trying to pay you for some goods or services?

That sparked my interest, too, as I came to the same conclusion as hosseinimr93 in his post
...

I immediately saw that the Tx 54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 had RBF enabled and a very low transaction fee to keep the transaction as long as possible unconfirmed. This screamed for a later replacement transaction by the scammer that denied the coins for the OP. It's likely that the malicious individual did this trick multiple times, maybe even with the OP as when you follow the chain of transactions this actor topped up coins and likely did the RBF trick multiple times (I didn't analyse it 'til the end, gave up after some lengthy chain of transactions over multiple days).
legendary
Activity: 2380
Merit: 5213
so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?
You are right.
The scammer replaced the transaction that had been made to you with a new one and the address which received the fund in the replacement transaction is probably owned by the scammer.

so how i can find the address that the scammer add to get the coins?
As stated by Bitcoin_Arena, the fund was moved between many other addresses to make tracing the fund difficult.


there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used
500,000 dollars?

newbie
Activity: 14
Merit: 0
so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?
There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

How did you end up in this situation, was the “client” trying to pay you for some goods or services?


there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used
newbie
Activity: 14
Merit: 0
so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?
There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

How did you end up in this situation, was the “client” trying to pay you for some goods or services?

no i am cybersecurity engineer and i was conducting a pen test for my client so he asked if i can help him in investigating this case so it's just a favor for my client, so how i can find the address that the scammer add to get the coins?
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?
There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

How did you end up in this situation, was the “client” trying to pay you for some goods or services?
newbie
Activity: 14
Merit: 0
The pending transaction will be never confirmed and the balance displayed by your wallet is wrong.

Here is the transaction displayed in you wallet.
54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70


From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9    0.02434293 BTC
bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3    0.02027627 BTC



To:
17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x    0.04036433 BTC
bc1q4acc4qc20cgy4qsaapqpf263h4k3fgkgtgy4qy    0.00425273 BTC


One of the receiving addresses must be owned by you.


The same coins were used in the following transaction.
7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec


From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9    0.02434293 BTC
bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3    0.02027627 BTC


To:
bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s    0.04459940 BTC

Since this transaction has been confirmed, the first one will be never confirmed.



yeah that address is mine 17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x    

The pending transaction will be never confirmed and the balance displayed by your wallet is wrong.

Here is the transaction displayed in you wallet.
54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70


From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9    0.02434293 BTC
bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3    0.02027627 BTC



To:
17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x    0.04036433 BTC
bc1q4acc4qc20cgy4qsaapqpf263h4k3fgkgtgy4qy    0.00425273 BTC


One of the receiving addresses must be owned by you.


The same coins were used in the following transaction.
7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec


From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9    0.02434293 BTC
bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3    0.02027627 BTC


To:
bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s    0.04459940 BTC

Since this transaction has been confirmed, the first one will be never confirmed.


so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?
legendary
Activity: 2380
Merit: 5213
The pending transaction will be never confirmed and the balance displayed by your wallet is wrong.

Here is the transaction displayed in you wallet.
54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70


From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9    0.02434293 BTC
bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3    0.02027627 BTC



To:
17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x    0.04036433 BTC
bc1q4acc4qc20cgy4qsaapqpf263h4k3fgkgtgy4qy    0.00425273 BTC


One of the receiving addresses must be owned by you.


The same coins were used in the following transaction.
7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec


From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9    0.02434293 BTC
bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3    0.02027627 BTC


To:
bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s    0.04459940 BTC

Since this transaction has been confirmed, the first one will be never confirmed.
newbie
Activity: 14
Merit: 0
You got scammed.
The transaction you received was replaced by this transaction: 7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

Take note that there is no guarantee that an unconfirmed transaction will be finally confirmed and unless you completely trust the sender, you should never accept an unconfirmed transaction.

how you were able to know this could you kindly tell me how because i have total pending transactions worth of 500k so i need to confirm that all those transactions has been manipulated
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
probably it's fake, how to check the mempools?
I meant blockchain explorer. Mempool is for checking the fee rate to be used in a transaction. Although, there is a site that is both a mempool site and has a blockchain explorer, https://mempool.space/, while experienced people may prefer to use https://jochen-hoenicke.de/queue/#BTC,24h,weight which gives more information about the fee rate, but just a mempool.
legendary
Activity: 2380
Merit: 5213
You got scammed.
The transaction you received was replaced by this transaction: 7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

Take note that there is no guarantee that an unconfirmed transaction will be finally confirmed and unless you completely trust the sender, you should never accept an unconfirmed transaction.
newbie
Activity: 14
Merit: 0
here is the link for one of the transactions when i click on see transactions on block explorer https://explorer.bitcoin.com/btc/tx/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 but when i enter the link i get 404
I saw this: https://www.blockchain.com/explorer/transactions/btc/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70

If a transaction becomes invalid, it means it has been dropped from the mempool. I have checked other mempools but nothing seen again. Not a successful transaction and you can not get the coins.

probably it's fake, how to check the mempools?
Pages:
Jump to: