Stuck Transactions since Feb 18, 2023 and all solutions failed

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Bitcoin_Arena on November 06, 2023, 08:25:36 PM

Quote from: Cricktor on November 06, 2023, 08:10:38 PM

@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?

It's a tracer, You will see it at the top of your dashboard once you sign up. Just like a block explorer, the tool is free if you know what to do. But OP can create a bounty in the platform and other people will do the tracing for him in exchange for an incentive (paid in ARKM tokens)

Alternatively, he can try other contacting other blockchain analysis services like Chainlysis at a price.

it's a good idea i'll told him about bounty on the scammer

Bitcoin_Arena

copper member

Activity: 2016

Merit: 1783

฿itcoin for all, All for ฿itcoin.

Quote from: Cricktor on November 06, 2023, 08:10:38 PM

@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?

It's a tracer, You will see it at the top of your dashboard once you sign up. Just like a block explorer, the tool is free if you know what to do. But OP can create a bounty in the platform and other people will do the tracing for him in exchange for an incentive (paid in ARKM tokens)

Alternatively, he can try other contacting other blockchain analysis services like Chainlysis at a price.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Cricktor on November 06, 2023, 08:10:38 PM

Quote from: kitobaysoz on November 06, 2023, 07:40:26 PM

yes 500,000 dollars in total

Don't say ~~you~~ your client accepted a bunch of unconfirmed transactions worth $500k without some basic Bitcoin transaction knowledge (and RBF in particular which basically allows arbitrary redirection of coins to other destination address(es) for RBF enabled unconfirmed transactions).
Of course does a replacement transaction invalidate its predecessor transaction which the blockchain.com explorer only half-heartedly indicates (I guess the malicious actor used the blockchain.com explorer on purpose).

The likely perpetrator could've pretended to "send ~~you~~ your client" a sum of coins worth $500k with much much less of that amount because he reused a lower amount of coins again and again and again. It seems ~~you~~ someone took the bait.

@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?

my client is too old i think he is above 70 years old and the threat actor was telling him all that months that the problem is from his account (my client account)

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: kitobaysoz on November 06, 2023, 07:40:26 PM

yes 500,000 dollars in total

Don't say ~~you~~ your client accepted a bunch of unconfirmed transactions worth $500k without some basic Bitcoin transaction knowledge (and RBF in particular which basically allows arbitrary redirection of coins to other destination address(es) for RBF enabled unconfirmed transactions).
Of course does a replacement transaction invalidate its predecessor transaction which the blockchain.com explorer only half-heartedly indicates (I guess the malicious actor used the blockchain.com explorer on purpose).

The likely perpetrator could've pretended to "send ~~you~~ your client" a sum of coins worth $500k with much much less of that amount because he reused a lower amount of coins again and again and again. It seems ~~you~~ someone took the bait.

@Bitcoin_Arena
Where on https://www.arkhamintelligence.com/ is this tool you used and is it usable for free to some minor extend?

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Bitcoin_Arena on November 06, 2023, 07:51:52 PM

Quote from: kitobaysoz on November 06, 2023, 07:18:02 PM

there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used

If your client can afford to use one of those crypto tracing services, then I suggest he uses them to trace the last known address of that scammer
I just did a quick look through using Arkham and after along trail, I ended up with two address, One depositing to a remitano address and the other to a Binance address.

This is a screenshot of part of the trail

Please hire an expert.

https://talkimg.com/images/2023/11/06/tjAXo.png

any recommendations for hiring an expert like contact or website

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Bitcoin_Arena on November 06, 2023, 07:51:52 PM

Quote from: kitobaysoz on November 06, 2023, 07:18:02 PM

there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used

If your client can afford to use one of those crypto tracing services, then I suggest he uses them to trace the last known address of that scammer
I just did a quick look through using Arkham and after along trail, I ended up with two address, One depositing to a remitano address and the other to a Binance address.

This is a screenshot of part of the trail

Please hire an expert.

https://talkimg.com/images/2023/11/06/tjAXo.png

what should i search for at Arkham to get the same results you got

Bitcoin_Arena

copper member

Activity: 2016

Merit: 1783

฿itcoin for all, All for ฿itcoin.

Quote from: kitobaysoz on November 06, 2023, 07:18:02 PM

there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used

If your client can afford to use one of those crypto tracing services, then I suggest he uses them to trace the last known address of that scammer
I just did a quick look through using Arkham and after along trail, I ended up with two address, One depositing to a remitano address and the other to a Binance address.

This is a screenshot of part of the trail

Please hire an expert.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Cricktor on November 06, 2023, 07:35:09 PM

Quote from: Bitcoin_Arena on November 06, 2023, 06:57:49 PM

There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

Such a chain of transactions in a short time frame which move coins from just 1 input to 1 output is barely hiding anything. For such a 1 input to 1 output transaction without using any change address there's quite some likelyhood that both input and output belong to the same individual. Such a simple coin movement chain just wastes coins in fees and only hides something for bitcoin noobs.

Quote from: Bitcoin_Arena on November 06, 2023, 06:57:49 PM

How did you end up in this situation, was the “client” trying to pay you for some goods or services?

That sparked my interest, too, as I came to the same conclusion as hosseinimr93 in his post

Quote from: hosseinimr93 on November 06, 2023, 06:22:16 PM

...

I immediately saw that the Tx 54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 had RBF enabled and a very low transaction fee to keep the transaction as long as possible unconfirmed. This screamed for a later replacement transaction by the scammer that denied the coins for the OP. It's likely that the malicious individual did this trick multiple times, maybe even with the OP as when you follow the chain of transactions this actor topped up coins and likely did the RBF trick multiple times (I didn't analyse it 'til the end, gave up after some lengthy chain of transactions over multiple days).

the client didn't share with me that much details about what he was paying for or what was happening exactly

holy shitttt

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: hosseinimr93 on November 06, 2023, 07:24:28 PM

Quote from: ?? on ??

so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?

You are right.
The scammer replaced the transaction that had been made to you with a new one and the address which received the fund in the replacement transaction is probably owned by the scammer.

Quote from: kitobaysoz on November 06, 2023, 07:09:23 PM

so how i can find the address that the scammer add to get the coins?

As stated by Bitcoin_Arena, the fund was moved between many other addresses to make tracing the fund difficult.

Quote from: kitobaysoz on November 06, 2023, 07:18:02 PM

there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used

500,000 dollars?

yes 500,000 dollars in total

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: Bitcoin_Arena on November 06, 2023, 06:57:49 PM

There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

Such a chain of transactions in a short time frame which move coins from just 1 input to 1 output is barely hiding anything. For such a 1 input to 1 output transaction without using any change address there's quite some likelyhood that both input and output belong to the same individual. Such a simple coin movement chain just wastes coins in fees and only hides something for bitcoin noobs.

Quote from: Bitcoin_Arena on November 06, 2023, 06:57:49 PM

How did you end up in this situation, was the “client” trying to pay you for some goods or services?

That sparked my interest, too, as I came to the same conclusion as hosseinimr93 in his post

Quote from: hosseinimr93 on November 06, 2023, 06:22:16 PM

...

I immediately saw that the Tx 54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 had RBF enabled and a very low transaction fee to keep the transaction as long as possible unconfirmed. This screamed for a later replacement transaction by the scammer that denied the coins for the OP. It's likely that the malicious individual did this trick multiple times, maybe even with the OP as when you follow the chain of transactions this actor topped up coins and likely did the RBF trick multiple times (I didn't analyse it 'til the end, gave up after some lengthy chain of transactions over multiple days).

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: ?? on ??

so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?

You are right.
The scammer replaced the transaction that had been made to you with a new one and the address which received the fund in the replacement transaction is probably owned by the scammer.

Quote from: kitobaysoz on November 06, 2023, 07:09:23 PM

so how i can find the address that the scammer add to get the coins?

As stated by Bitcoin_Arena, the fund was moved between many other addresses to make tracing the fund difficult.

Quote from: kitobaysoz on November 06, 2023, 07:18:02 PM

there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used

500,000 dollars?

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Bitcoin_Arena on November 06, 2023, 06:57:49 PM

Quote from: ?? on ??

so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?

There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

How did you end up in this situation, was the “client” trying to pay you for some goods or services?

there is alot of transactions worth in total about 500k has the same condition so we need to get the final address that the scammer used

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Bitcoin_Arena on November 06, 2023, 06:57:49 PM

Quote from: ?? on ??

so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?

There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

How did you end up in this situation, was the “client” trying to pay you for some goods or services?

no i am cybersecurity engineer and i was conducting a pen test for my client so he asked if i can help him in investigating this case so it's just a favor for my client, so how i can find the address that the scammer add to get the coins?

Bitcoin_Arena

copper member

Activity: 2016

Merit: 1783

฿itcoin for all, All for ฿itcoin.

Quote from: ?? on ??

so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?

There is a chain of addresses/transaction after that address in a short time frame. It appears as though the person was trying to hide the transaction trail.

How did you end up in this situation, was the “client” trying to pay you for some goods or services?

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: hosseinimr93 on November 06, 2023, 06:22:16 PM

The pending transaction will be never confirmed and the balance displayed by your wallet is wrong.

Here is the transaction displayed in you wallet.
54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70

From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9 0.02434293 BTC bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3 0.02027627 BTC

To:
17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x 0.04036433 BTC bc1q4acc4qc20cgy4qsaapqpf263h4k3fgkgtgy4qy 0.00425273 BTC

One of the receiving addresses must be owned by you.

The same coins were used in the following transaction.
7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9 0.02434293 BTC bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3 0.02027627 BTC

To:
bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s 0.04459940 BTC

Since this transaction has been confirmed, the first one will be never confirmed.

yeah that address is mine 17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x

Quote from: hosseinimr93 on November 06, 2023, 06:22:16 PM

The pending transaction will be never confirmed and the balance displayed by your wallet is wrong.

Here is the transaction displayed in you wallet.
54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70

From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9 0.02434293 BTC bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3 0.02027627 BTC

To:
17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x 0.04036433 BTC bc1q4acc4qc20cgy4qsaapqpf263h4k3fgkgtgy4qy 0.00425273 BTC

One of the receiving addresses must be owned by you.

The same coins were used in the following transaction.
7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9 0.02434293 BTC bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3 0.02027627 BTC

To:
bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s 0.04459940 BTC

Since this transaction has been confirmed, the first one will be never confirmed.

so this is the address of the scammer address bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s right?

hosseinimr93

legendary

Activity: 2380

Merit: 5213

The pending transaction will be never confirmed and the balance displayed by your wallet is wrong.

Here is the transaction displayed in you wallet.
54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70

From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9 0.02434293 BTC bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3 0.02027627 BTC

To:
17G4XNws9K3iZ632TK7nBvxi1MsXzmSb6x 0.04036433 BTC bc1q4acc4qc20cgy4qsaapqpf263h4k3fgkgtgy4qy 0.00425273 BTC

One of the receiving addresses must be owned by you.

The same coins were used in the following transaction.
7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

From:
bc1ql865tdg9tjhrd5ec4tqs5jv4caaah06gujtpe9 0.02434293 BTC bc1ql3r6y0anjyzz4zfvxwy8zfxfhj9jdz9hxz0um3 0.02027627 BTC

To:
bc1qergs08g635azsy6fnfggnpqs2hpme6k8vkzv0s 0.04459940 BTC

Since this transaction has been confirmed, the first one will be never confirmed.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: hosseinimr93 on November 06, 2023, 05:40:49 PM

You got scammed.
The transaction you received was replaced by this transaction: 7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

Take note that there is no guarantee that an unconfirmed transaction will be finally confirmed and unless you completely trust the sender, you should never accept an unconfirmed transaction.

how you were able to know this could you kindly tell me how because i have total pending transactions worth of 500k so i need to confirm that all those transactions has been manipulated

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: kitobaysoz on November 06, 2023, 05:37:44 PM

probably it's fake, how to check the mempools?

I meant blockchain explorer. Mempool is for checking the fee rate to be used in a transaction. Although, there is a site that is both a mempool site and has a blockchain explorer, https://mempool.space/, while experienced people may prefer to use https://jochen-hoenicke.de/queue/#BTC,24h,weight which gives more information about the fee rate, but just a mempool.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

You got scammed.
The transaction you received was replaced by this transaction: 7b3f4a78671299347caac578fdc1bb4b137defc825268e16d334c6325142b4ec

Take note that there is no guarantee that an unconfirmed transaction will be finally confirmed and unless you completely trust the sender, you should never accept an unconfirmed transaction.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Charles-Tim on November 06, 2023, 05:32:33 PM

Quote from: kitobaysoz on November 06, 2023, 05:24:43 PM

here is the link for one of the transactions when i click on see transactions on block explorer https://explorer.bitcoin.com/btc/tx/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 but when i enter the link i get 404

I saw this: https://www.blockchain.com/explorer/transactions/btc/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70

If a transaction becomes invalid, it means it has been dropped from the mempool. I have checked other mempools but nothing seen again. Not a successful transaction and you can not get the coins.

probably it's fake, how to check the mempools?

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: kitobaysoz on November 06, 2023, 05:24:43 PM

here is the link for one of the transactions when i click on see transactions on block explorer https://explorer.bitcoin.com/btc/tx/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 but when i enter the link i get 404

I saw this: https://www.blockchain.com/explorer/transactions/btc/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70

If a transaction becomes invalid, it means it has been dropped from the mempool. I have checked other ~~mempools~~ blockchain explorer but nothing seen again. Not a successful transaction and you can not get the coins.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Charles-Tim on November 06, 2023, 05:13:38 PM

Quote from: kitobaysoz on November 06, 2023, 05:07:49 PM

i have did what you said to me electrum and bluewallet but none of the pending transactions showed up i only only see the pending transactions on the bitcoin.com wallet also i am not the sender i am the receiver

You are the receiver. It would be good if you can let us know your txid. You should be able to see the txid on bitcoin.com as you see pending. But that transaction would have been dropped from mempool. The sender can also use RBF to replace the transaction with another one to replace your address to his own. Just do not believe in an unconfirmed transaction, make sure a transaction is confirmed before accepting it as a successful transaction.

here is the link for one of the transactions when i click on see transactions on block explorer https://explorer.bitcoin.com/btc/tx/54559adfc79b04fa16864d3c7ba789aa771fce59d4763e5d7cabcf6f95138c70 but when i enter the link i get 404

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: kitobaysoz on November 06, 2023, 05:07:49 PM

i have did what you said to me electrum and bluewallet but none of the pending transactions showed up i only only see the pending transactions on the bitcoin.com wallet also i am not the sender i am the receiver

You are the receiver. It would be good if you can let us know your txid. You should be able to see the txid on bitcoin.com as you see pending. But that transaction would have been dropped from mempool. The sender can also use RBF to replace the transaction with another one to replace your address to his own. Just do not believe in an unconfirmed transaction, make sure a transaction is confirmed before accepting it as a successful transaction.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: hosseinimr93 on November 06, 2023, 04:34:22 PM

Are you saying you can see your transaction on block explorers and it's shown as an unconfirmed transaction?

If you broadcasted a transaction on February 18, it's very unlikely that nodes still have your transaction in their mempool.
Of course, it's possible that someone rebroadcasted your transaction many times and made some nodes still have your transaction in their mempool.

Can you post your transaction ID? (Note that with sharing your transaction ID, you may harm your privacy)

i have did what you said to me electrum and bluewallet but none of the pending transactions showed up i only only see the pending transactions on the bitcoin.com wallet also i am not the sender i am the receiver

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: kitobaysoz on November 06, 2023, 04:36:37 PM

i can't find the transactions on the blockchain by the way so could it be a fake transactions? i can only see it when i open the wallet from bitcoin.com app

I will advise you to import the seed phrase into Electrum or Bluewallet. You should be able to see your coins and spend it if it was dropped from the mempool. Or if the transaction was confirmed and successful, you will see it there on the history tab. You are the sender, so there is nothing fake about the transaction as you have your wallet seed phrase and keys.

kitobaysoz

newbie

Activity: 14

Merit: 0

Quote from: Charles-Tim on November 06, 2023, 04:15:28 PM

Import your seed phrase into Electrum or Bluewallet. You transaction would have been confirmed, but if not confirmed, it would have been dropped from mempool by now and you will be able to spend the coin.

i can't find the transactions on the blockchain by the way so could it be a fake transactions? i can only see it when i open the wallet from bitcoin.com app

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Are you saying you can see your transaction on block explorers and it's shown as an unconfirmed transaction?

If you broadcasted a transaction on February 18, it's very unlikely that nodes still have your transaction in their mempool.
Of course, it's possible that someone rebroadcasted your transaction many times and made some nodes still have your transaction in their mempool.

Can you post your transaction ID? (Note that with sharing your transaction ID, you may harm your privacy)

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

You don't provide enough details to assist you or examine your options. Actually you don't provide any detail at all, except there's a stuck transaction for about 8-9 months. How is anyone supposed to help you with such a lack of information?

Who is rebroadcasting such a transaction over and over again to keep it alive for more than half a year?

Anyway, if you don't control any of the transaction's outputs, you can't use CPFP. If the transaction originated from a custodial wallet then you can't use RBF, because not your keys, not your coins' control.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Import your seed phrase into Electrum or Bluewallet. You transaction would have been confirmed, but if not confirmed, it would have been dropped from mempool by now and you will be able to spend the coin.

kitobaysoz

newbie

Activity: 14

Merit: 0

Hello community,sup...

I am currently facing a challenging situation with my client's Bitcoin wallet. Despite diligently exploring all the solutions outlined in the previous discussions regarding stuck transactions, I've yet to resolve this issue. It's been months now, as the problem initially arose on February 18th, and the transactions remain unconfirmed.

I kindly request the assistance of anyone knowledgeable in this matter who might be able to guide me through the process of confirming these long-pending transactions. Your support would be greatly appreciated.

Topic: Stuck Transactions since Feb 18, 2023 and all solutions failed (Read 187 times)