Pages:
Author

Topic: The story of Betnomi.com (Exit Scam) - page 5. (Read 2874 times)

legendary
Activity: 2730
Merit: 1560
Yes, I'm an asshole
August 14, 2023, 09:09:57 PM
#83
You've made tests which mean the products haven't been tampered. It's asking for big trust from ppl if they're using any thing given by Betnomi it's a risk they shouldn't take. Users shouldn't use them because if their balances became empty they won't forgive Betnomi.

Conclusion

Having these said, I guess that the owners of Betnomi Ledgers can relax now, as their products are not tampered with. Those which want though can perform the above steps for checking their wallets' hardware integrity on their own. However, I don't recommend this, unless you don't care if the device gets fully damaged or unless you are used to opening electronic device / fix them / etc. Smiley

It is very sad that icopress is having a huge loss because of Betnomi but, at least, they were not that evil to tamper the devices they raffled on the forum.

Pretty much sure the post you quoted just proven the exact opposite of your comment. Gazeta Tabloid spent a lot of time writing the post, and even longer time figuring every details and doing every steps needed to check the ledger's integrity, and they came clean.

Yes, people is advised to exercise caution when they use the ledger and they could do what Tabloid did [dismantling the device] if they want extra security, but it's proven that the ledgers are not tampered. Thus, if the balance became empty at one point, it's not necessarily Betnomi's fault. You do aware that there are a lot of malicious entities out there in crypto-space who perpetually tried to steal other people's fund, right?


By the way, supp...?

copper member
Activity: 1652
Merit: 1325
I'm sometimes known as "miniadmin"
August 14, 2023, 04:11:31 PM
#82
---

Since the cable can be used for powering the Ledger it's obvious that the cable is functional.

It can be functional but have the data pins or however they are actually called broken (or someone correct me if not). I'd simply toss if for another new one. Cables break, so not really a big issue
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
August 14, 2023, 02:23:38 PM
#81
Maybe this is making a big jump; but would it be sort of possible to pin-point the time the devices were bought from the firmware version? I suppose that new devices come fully updated, and not so long ago we did discuss the 2020/2022 ledger operation times.

As far as I understand from an older post they made (included in my previous post), they bought these Ledgers in 2021

Let me clarify some details. To begin with, these custom wallets were not originally intended for ruffles or any other contests and events. These custom wallets were ordered in 2021 directly from the manufacturer to thank the employees for their hard work (quite a while has passed since then, and it is not surprising that the firmware is a little outdated). But we still had a few wallets left, until one of the forum users suggested some ideas where we can put them.

According to Ledger website (select Older firmware versions), we can see all firmware updates and their release dates. Hwever, the release date for 2.0.1 is not stated, by some reason. But we see that 2.0.0 was released on 21 October 2021 and 2.0.2 was released on 25 January 2022. So 2.0.1 was released between those dates. So the information matches what they said.

However, it's good to know that at least the devices don't contain some extra present; good work!

Thank you Smiley




@GazetaBitcoin Betnomi wallet hardware from you I can't enter Ledger Live have tried several times but failed, have entered the PIN but the fact is that it doesn't function properly.

Actually I wanted to ask this a long time ago but forgot because this hardware wallet is rarely turned on.

Maybe you know why it always stuck here?

Did you try to pull the USB cable completely inside the Ledger's muff? At my first attempt I inserted it half inside the muff so it did not even turn on, so I thought it was broken. Then I forced the cable muff a bit more inside the Ledger and it entered completely. Only after that I could turn it on and I had no problem with the Ledger Live.

Other than that, you can try uninstall Ledger Live and reinstall it and, when you start the tutorial again, select the option that you already have a Ledger which is set up, so not a brand new one.

And, of course, as Csmiami suggested, check the cable integrity Smiley I checked the wallet's integrity, not the cable =))) I hope you'll manage to bypass this problem. In any case, the software saying the Ledger is genuine is not so assuring. The important part is that we know now that the hardware integrity is in good shape. That is the most important aspect.



Later edit, as I just noticed your lattest post:

Confirming with another data cable can enter Ledger Live.
Yes, it seems that the power cord is not suitable for transferring data to the computer, but for charging it runs normally with the built-in cable.

Can it be said to be damaged if the built-in cable cannot transfer to the PC?

This is curious, but I observed, in time, that PC USBs act weird from a PC to another (maybe it depends if you have a USB 1.0 port or USB 2.0 or 3.0 or USB type C and so on). I don't know why this happens but it happens all the times. For example, when I try to connect my phone to my PC it does not see it or it sees it for 1 second then immediately it sees the phone was unplugged (although I did not unplug it). If I use same phone and same cable on another PC it works without any problem. It may be an issue with the USB port you are using. Since the cable can be used for powering the Ledger it's obvious that the cable is functional.
hero member
Activity: 1498
Merit: 785
August 14, 2023, 02:21:10 PM
#80
Maybe it's just a power cable and not suitable for data transfer aswell
Confirming with another data cable can enter Ledger Live.
Yes, it seems that the power cord is not suitable for transferring data to the computer, but for charging it runs normally with the built-in cable.

Can it be said to be damaged if the built-in cable cannot transfer to the PC?
hero member
Activity: 1498
Merit: 785
August 14, 2023, 02:07:35 PM
#79
--
Tried connecting to other devices with the same result, no change at all.
And did you also try another cable that you know is actually working on any other device? Would be great if the answer was just a simple broken cable
I haven't tried it yet. Will do it now, I hope with another data cable it will come in.
copper member
Activity: 1652
Merit: 1325
I'm sometimes known as "miniadmin"
August 14, 2023, 02:04:01 PM
#78
--
Tried connecting to other devices with the same result, no change at all.
And did you also try another cable that you know is actually working on any other device? Would be great if the answer was just a simple broken cable
hero member
Activity: 1498
Merit: 785
August 14, 2023, 02:02:46 PM
#77
----
Are you using a cable different to the one that came with the device? If so, can you connect other devices to your computer with it? Maybe it's just a power cable and not suitable for data transfer aswell
No
I use the built-in data cable from Ledger inside.
Tried connecting to other devices with the same result, no change at all.

Now can only access on mobile by connecting to bluetooth.
copper member
Activity: 1652
Merit: 1325
I'm sometimes known as "miniadmin"
August 14, 2023, 01:56:04 PM
#76
----

Maybe this is making a big jump; but would it be sort of possible to pin-point the time the devices were bought from the firmware version? I suppose that new devices come fully updated, and not so long ago we did discuss the 2020/2022 ledger operation times.

However, it's good to know that at least the devices don't contain some extra present; good work!




----
Are you using a cable different to the one that came with the device? If so, can you connect other devices to your computer with it? Maybe it's just a power cable and not suitable for data transfer aswell
hero member
Activity: 1498
Merit: 785
August 14, 2023, 01:54:50 PM
#75
@GazetaBitcoin Betnomi wallet hardware from you I can't enter Ledger Live have tried several times but failed, have entered the PIN but the fact is that it doesn't function properly.

Actually I wanted to ask this a long time ago but forgot because this hardware wallet is rarely turned on.

Maybe you know why it always stuck here?

legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
August 14, 2023, 01:26:53 PM
#74
I am not sure if they can relax knowing that someone like Betnomi probably has their personal information, especially if they know their real name, delivery address and phone number.

Well, I meant that they can relax if they were worried about the possibility of having their Ledgers tampered by Betnomi, but I understand what you're saying. That's another reason to worry about. However, some of them shared only with MJ their personal information and that should be a little relief. At same time, some which had the possibility did not offer their real address but used a P.O. Box or some other shipping address so that could be another relief...

Anyway, good job with doing this integrity check.

Thank you! It took me some hours for making this check and write everything down, step by step, but I am glad I made it Smiley
full member
Activity: 896
Merit: 193
web developer for hire
August 14, 2023, 01:20:16 PM
#73
You've made tests which mean the products haven't been tampered. It's asking for big trust from ppl if they're using any thing given by Betnomi it's a risk they shouldn't take. Users shouldn't use them because if their balances became empty they won't forgive Betnomi.

Conclusion

Having these said, I guess that the owners of Betnomi Ledgers can relax now, as their products are not tampered with. Those which want though can perform the above steps for checking their wallets' hardware integrity on their own. However, I don't recommend this, unless you don't care if the device gets fully damaged or unless you are used to opening electronic device / fix them / etc. Smiley

It is very sad that icopress is having a huge loss because of Betnomi but, at least, they were not that evil to tamper the devices they raffled on the forum.
legendary
Activity: 2212
Merit: 7064
August 14, 2023, 10:11:46 AM
#72
Having these said, I guess that the owners of Betnomi Ledgers can relax now, as their products are not tampered with.
I am not sure if they can relax knowing that someone like Betnomi probably has their personal information, especially if they know their real name, delivery address and phone number.
Not sure what exactly is happening with Betnomi but I already heard several reports from people about some leaked information connected with email address.
Anyway, good job with doing this integrity check.
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
August 14, 2023, 05:46:51 AM
#71
After my earlier post, being also inspired by pixie85's post and by icopress' suggestion, I decided to check the hardware integrity of the Ledger I received from Betnomi.

In theory, on their website the required steps look simple, yet the practice is the one which always kills us. All I found there was this:

Quote
Secure Element attestation

The Secure Element itself is personalized at factory with an attestation proving that it has been manufactured by Ledger. You can verify it by running

pip install --no-cache-dir ledgerblue

python -m ledgerblue.checkGenuineRemote --targetId 0x33000004

Obviously, those were not commands which could be simply typed in a Command Prompt window. So after some digging I understood that I have first to install Python. You can get Python from here: https://www.python.org/downloads. Alternatively, you can also download it from Microsoft store. I downloaded Python 3.11.4.

Following some articles I found on the Internet, I understood that Visual Studio 2017 build tools may also be needed on Windows. As I wanted to make sure I have all prerequisites, I also installed this software (so I don't know if everything works without it). Visual Studio 2017 build tools can be downloaded from here: https://www.visualstudio.com/downloads/#build-tools-for-visual-studio-2017.

If you want to make sure you installed Python properly, you can run this command (directly in a Command Prompt window -- so just press Start - Run - cmd or press Windows key + R): python --version. You should see something like this:



Then you'll need to install pip, which is a Python package manager, which may come or not together with your Python build. Following some tutorials about Python, I reached this page and from here you can download pip. You will see in your Download folder a file named get-pip.py.

Afterwards you have to run this command (Command Prompt): python get-pip.py. This will install pip.

Having pip installed, you can ensure about this by typing the following command (in Command Prompt): pip --version.  You should see something like this:



Additionally, you'll need to install a Virtual Environment for Python, in order to be able to run the commands for checking the hardware integrity (I know, it already sounds like a pain in the ass only by reading everything I wrote here but imagine how it feels to actually do all these (!) and find all the information necessary in order to be able to make this check... Smiley). So following the same tutorial page for Python I installed first Pipenv, which allows you to install Python packages, then I installed Virtualenv, which "creates a folder which contains all the necessary executables to use the packages that a Python project would need". In order to install these, you need to run these commands (in Command Prompt): pip install --user pipenv and pip install virtualenv.

Next step is to install Python tools for Ledger Blue, Nano S and Nano X, which can be found here. In order to be able to do this you need to run the following commands (in Command Prompt): python3 -m venv ledger and pip install ledgerblue.

After finishing all these we finally get back to the command shown on Ledger website: python -m ledgerblue.checkGenuineRemote --targetId 0x33000004 -- but we do not run the command yet (keep reading below). The part "0x33000004" is the TargetID, meaning a code of your product. The entire list of TargetIDs is available on the website I mentioned above (obviously, none of these can be found directly on Ledger's website so you need deep Internet search for obtaining all this information):

Quote
Device nameFirmware VersionTargetID
Nano S Plusall0x33100004
Nano X< 2.2.1 (developer units only)0x33000004
Nano X>= 2.2.10x33000004
Nano S<= 1.3.10x31100002
Nano S1.4.x0x31100003
Nano S>= 1.5.x0x31100004
Ledger Blue<= 2.00x31000002
Ledger Blue2.1.x0x31000004
Ledger Blue v22.1.x0x31010004

As I wrote above, the command should not be entered yet. This is because the Ledgers from Betnomi have an old firmware (2.0.1) and the command works with newer firmware versions. So at this point you need to perform a firmware update (if you haven't already), which can be done through the Ledger Live app. For those not aware (there may be still a few of them), Ledger Live app can be downloaded from Ledger website: https://www.ledger.com/ledger-live. After installation is done select the tab My Ledger. There will be two firmware updates available. First one will upgrade the Ledger's firmware from 2.0.1 to 2.2.1. Second upgrade will bring the firmware 2.2.2 to your Ledger. However, the command for checking the hardware integrity can be run after having the firmware 2.2.1. You should see something like this:



Reaching this point, you must have the Ledger connected to your PC / laptop and also make sure it is not in standby. For obvious reasons, the command won't do anything if the wallet is not connected to the PC. And, if it is in standby mode you'll get a long error message, ending with Connection to remote host was lost. However, assuming that the device is connected and it is not in standby mode, run the command python -m ledgerblue.checkGenuineRemote --targetId 0x33000004. You will receive a warning on your Ledger screen, which you need to confirm.

And finaaaaaaaaaaally, after all these, I received this confirmation:



It was a lot of work but, at least, I was assured that the Ledgers from Betnomi are genuine. Or, at least, I was  50% assured. To ensure the remaining 50% I proceeded to open the device, in order to check its PCB.





Warning: performing the steps mentioned below may destroy your device. If you won't destroy it then you'll certainly lose the warranty.

This part may also sound simple, but it's not simple at all. You need to pay a lot of attention, as the product looks like a capsule (obviously, it was not meant to be opened) and it has no screw. Trying to break its case open may break it so your device may be totally damaged. However, since I won 3 such Ledgers from Betnomi I afforded the risks.

So first step is to remove the grey part branded with Betnomi from the wallet. The grey part should be lifted (in a delicate manner) from the grey button of the wallet. It can be removed relatively easy.



Now the important part comes. You need a very thin screwdriver or a very thin knife or any other sharp thing which is also very thin. If you look around the display, you'll see a very thin line -- this is the line where the part of the case protecting the display is assembled with the rest of the product. The screw driver should be used for forcing it into this thin line, in order to detach this part of the case from the other part of it. This should be done with a lot of attention, as at this step the device may become broken. In order to avoid this you may try to push the screwdriver between the part with the display and the rest of the wallet case on multiple spots of this thin line, thus getting some more weak spots which, in the end, will make the detaching of the display more easy.

By pure chance, I had a minuscule screwdriver and I used it for the surgery operation:





Then I used the grey part, which I previously removed, and I inserted it in the small opening made by the screwdriver, to keep that part open. Having a part already open, I used the screwdriver to force the opening more:



I proceeded with caution for the rest of the thin line until the case fully opened.

At this point I had to pay a lot of attention, as the navigation buttons are not attached to the PCB, nor to the external side of the case. They are not attached to anything and only the fact that they enter in the holes of the case keeps them at place. So I took them out, hoping to remember the correct place of each one.



The display is on the other side of the PCB (as seen in the image from above) and it is connected to the PCB through a small interface, so you can manipulate it to a side, since it is not attached on the PCB. This is important, because by moving it to a side you can check the entire side of the PCB where it is placed.

In the end, I could take these pictures of both sides of the PCB:



Next step was to compare the PCB details with the images shown on Ledger's website. There are 4 hardware revisions of these Ledgers, having different PCB colors. The PCB of my device is green, which corresponds to Revision 4. And, by analyzing the look of my PCB and the one from Ledger website, it seems the PCBs are identical:



Now I was finally assured that my product respects the hardware integrity!

Since I am a magician when it comes to opening electronic devices piece by piece then placing all the pieces back together By pure chance I also managed to place back everything inside the wallet case then close back the case. Surprisingly, the wallet is still functional! Grin





In the end, for trying to be more catholic than Pope is, I performed also the genuine check offered by Ledger Live app:









The check concluded by saying that the product is genuine. Hooray!





Conclusion

Having these said, I guess that the owners of Betnomi Ledgers can relax now, as their products are not tampered with. Those which want though can perform the above steps for checking their wallets' hardware integrity on their own. However, I don't recommend this, unless you don't care if the device gets fully damaged or unless you are used to opening electronic devices / fix them / etc. Smiley

It is very sad that icopress is having a huge loss because of Betnomi but, at least, they were not that evil to tamper the devices they raffled on the forum.
legendary
Activity: 1946
Merit: 1026
In Search of Incredible
August 11, 2023, 12:56:22 AM
#70
As far as I understand from one earlier post made by icopress, he was told that the payment will be sent to him at end of August:
Most probably it was a typing mistake from icopress. Because, icopress said a different thing in his next post where he posted the conversation between him and Sorsis.

I got a reply today... I tried to explain that he's not the only one with problems.
Quote
- Man, I also wanted to know what the status is regarding my payment. You said you could process it at the end of July.
- Yes, I was hoping to be back by now but unfortunately, the issues I came to address here are taking longer than expected. I don’t have access to funds right now
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
August 10, 2023, 03:37:59 PM
#69
Is there any update about your payment? Have you received any updates from Sorsis after 2nd August?

As far as I understand from one earlier post made by icopress, he was told that the payment will be sent to him at end of August:

I also wrote to Sorsis yesterday, (on July 18 he promised to return at the end of August and pay), he read my message, but has not answered yet.
legendary
Activity: 2086
Merit: 1282
Logo Designer ⛨ BSFL Division1
August 10, 2023, 02:43:11 PM
#68
That's a risk indeed. Just in case: don't use it.
Does Betnomi have their shipping address, or did someone else ship them? I wouldn't want someone who pulled an exit scam to know my physical location.
This is just few people who received those wallets, but they already now locations and emails from all customers who registered on their website with full KYC verification  Tongue
Everyone is receiving spam email messages who registered on betnomi even without kyc, and I wont be surprised if phone calls starts for those who performed veirification.
In worst case scenario betnomi was hacked, but if that was the case they should come out and say that in public not hide like rats.
In best case scenario they decided to slowly and quietly shut down operation of their website.
legendary
Activity: 1946
Merit: 1026
In Search of Incredible
August 10, 2023, 09:11:58 AM
#67
The admin or moderators of Betnomi's telegram group are deleting the messages which aren't in their favour. So, they are watching everything silently and keeping the reputation clean there. Isn’t it the sign of a legit operator Tongue

I told them yesterday on telegram group, for the person who is victims or at-least has a balance left on (Betnomi) to create a flag/scam assumption on the bitcointalk. The message is getting deleted, and my account getting banned.


I got a reply today... I tried to explain that he's not the only one with problems.
In any case, I have no choice but to wait.
Is there any update about your payment? Have you received any updates from Sorsis after 2nd August?
legendary
Activity: 2814
Merit: 1192
August 09, 2023, 12:59:27 PM
#66
If the board looks the same and there is no evidence of any modifications, they should be ok. Also, if it connects with genuine versions of Ledger Live that you downloaded from the official website and not a fake one that you were instructed to use with information in the package, it's a sign you are using a real Ledger. We are yet to see a fake/modified Ledger that can connect to Ledger servers, install the needed crypto apps, update the firmware, etc.    

Correct. That's why the only way for scammers to abuse a hardware wallet is either to make a seed and hope the buyer is dumb enough to use it, or connect their own data storage straight to the USB that works alongside the wallet. If the board doesn't have an sd card or something soldered to it and the wallet passes ledger's checkup it should be OK to use. I've never seen a modified hardware wallet where the attackers replaced the chips so that the board looks the same at first glance but has completely different data on it.

It's not really an important message, but if he was already talking to the brand in 2020, how is it possible that in 2022 it was imppossible to do, and then again in 2023 it had already been done?

Does Ledger even offer such personalized products, so that each of them has a different name?
That user asked for usernames to be printed on ledgers, which would be impossible without repackaging already ordered products.
copper member
Activity: 1652
Merit: 1325
I'm sometimes known as "miniadmin"
August 09, 2023, 07:30:46 AM
#65
----

So at some point in time, this personalisation of the products was possible, then it was not possible anymore... (or, maybe, it was not possible anymore in some conditions which they agreed on?). In any case, the source of  the Ledgers should be now clear (based on their statement, at least): they bought them a while ago, for their employees so this is why they had a remaining stash which offered through raffles or other contests.

----

Yeah, so I think I have something interesting about it to add.... Just taking some messages of my chat with sorsis from back in the day

Quote from: sorsis, 22 October 2020
even talking with ledger for Betnomi branded hardware wallets 😛

It's not really an important message, but if he was already talking to the brand in 2020, how is it possible that in 2022 it was imppossible to do, and then again in 2023 it had already been done?

legendary
Activity: 2730
Merit: 7065
August 09, 2023, 01:52:26 AM
#64
If the board looks the same and there is no evidence of any modifications, they should be ok. Also, if it connects with genuine versions of Ledger Live that you downloaded from the official website and not a fake one that you were instructed to use with information in the package, it's a sign you are using a real Ledger. We are yet to see a fake/modified Ledger that can connect to Ledger servers, install the needed crypto apps, update the firmware, etc.   
Pages:
Jump to: