I got scammed a few months back.
It was obvious enough that I should be embarrassed to share this with you. The crime is also solvable enough that I AM going to share it with you. For anyone regularly following my sn posts, this is the incident that really made me start thinking about opsec. I got scammed out of a decent amount of money, and gave away a handful of my real contact details.
It all started when I was trolling[1] around Telegram (red flag) for really good deals on bitcoin miners (red flag) that I was hoping to get in a hurry (red flag). I found someone GIVING away some old miners for the cost of shipping. I even sat down with my wife and said that I thought there was a high likelihood that this was a scam, but that it was a (apparently poorly) calculated risk that I wanted to take. Those that follow me here probably have a good idea of what I was up to, but if not, you can learn more here. All of this took place after I had gotten back from SA and before I came this time around.
It took me over a week to determine that this was a scam, despite the culprit continuing to try to sell me expensive miners for much larger sums of money. I have a HUGE log of the discussion, including the moment when they really didn't seem to care anymore that I figured things out, as well as when they blocked me while continuing to scam elsewhere. I didn't fully figure out what was going on until finally having a conversation with the shipping company that was able to confirm no such order ever existed. You would be right to argue that one needs to be pretty naive to be taken for this long, but I've experienced a lot of legitimate goodwill from the bitcoin mining community, and much of it did require some actual trust. Furthermore, I know there are a lot of old bitcoin miners out there that could be doing a lot of good if we were able to get them to greener energy pastures.
The Feds
So here's an interesting irony. All of this was happening towards the end of the Samurai and Tornado Cash trials. My scammer used an onchain address and didn't do ANYTHING to obfuscate what happened with the money. On top of this, they were continuing to use the main address that the funds passed through and the Telegram account that they were scamming from. I even found other people online that were reporting various other types of scams that were paid out to the same address.
What a slam dunk case! The feds were going after non-criminals for helping people, some of whom MIGHT be criminals, keep their transactions private. Surely, they would go after real criminals acting in plain sight. So I reported the case. This was a few months back now and I still haven't even received a follow-up email. I'm pretty sure it's still illegal to promise goods with payment and then not deliver or offer a refund, but maybe I'm wrong. Also, to their credit, they make it clear on the submission form that they don't follow up with most reports. But it begs the question, why go so hard after the non-criminals then?
Jameson Lopp
Well, a few weeks later, my paranoia had fully set in. How serious were these criminals? Did the authorities not follow up because they're in bed with the bad guys? If I bring more attention to this, do I make myself more of a target? I may not have as much bitcoin as most, but I've seen enough movies about people exposing corruption or outing the mafia.
So I reached out to the most famous name in bitcoin security I could think of: Jameson Lopp. Regardless of what one believes the best way to keep plebs with small hard drives running nodes might be, this guy was very gracious, generous, and kind with little old me reaching out about next steps after getting scammed. I had a lot of info (just like I had passed to the feds) to share, and he helped alleviate some of my fears of the scammers coming at me for more (basically said that these types of guys don't overlap with wrench guys and that I'm not a big enough fish anyway) and was able to identify that the scammers sent the money to an exchange. He even forwarded my "case" to someone named ZachXBT, who I guess is a super detective in the shitcoiner space. Apparently my case wasn't even in the ballpark of levels of funds that this guy likes to investigate though.
Detective Stackerman
So what about you? I've spilled the beans on my gullibility. The feds just don't want normal people to have privacy. The criminals don't need to launder anything apparently. ZachXBT's got better things to do. Are there onchain sleuths on sn?
Here's the brief:
The scammers have many handles. They post regularly in the Canaan shop Telegram group advertising another Telegram group called "Asics for sale worldwide". I've reported this site to Telegram, but it persists, as does the account that it says to contact to discuss sales with, although this name changes regularly.
All funds from these guys' victims end up in this legacy address:
33Pi7DhhfGmj6zBUw6GHhUftNXnM1REWgD
which all flow to:
bc1q9wvygkq7h9xgcp59mc6ghzczrqlgrj9k3ey9tz
There are always two moves into unique addresses only used once that end in the legacy address. My funds went through one such passage. Then everything is transferred into this last address, which Lopp believes is an exchange. I did some internet snooping and think that the exchange is a South Korean one called OKX. When I contacted them, they said that they can only divulge who the account belongs to to law enforcement for obvious reasons. I understand them protecting their customers, although it is frustrating that law enforcement hasn't pursued such an easy lead. They have all of the above information and screenshots of my full conversation with the scammer. Hopefully they'll kick into gear for the sake of all the other people that are still getting scammed by these guys.
That's all I got.
Maybe you see something that I don't though? Happy sleuthing.
Footnotes
1. I'm using the term from the fishing analogy and not the ogre-esque creature analogy here.
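The flow described in the brief (victim payments passing through single-use addresses into one reused address that forwards everything onward) can be checked mechanically once transactions are exported from a node or block explorer. The sketch below is an added example, not part of the original post; the ledger and every address name in it are constructed, and it assumes a simplified model where each hop has one input and one output (no change outputs).

```python
from collections import defaultdict

# Constructed sample ledger, not real chain data: (txid, input addrs, output addrs).
# "collector" and "deposit" stand in for the two reused addresses in the brief.
TXS = [
    ("t1", ["victim_a"], ["hop_a1"]), ("t2", ["hop_a1"], ["hop_a2"]),
    ("t3", ["hop_a2"], ["collector"]),
    ("t4", ["victim_b"], ["hop_b1"]), ("t5", ["hop_b1"], ["hop_b2"]),
    ("t6", ["hop_b2"], ["collector"]), ("t7", ["victim_c"], ["unrelated_shop"]),
    ("t8", ["collector"], ["deposit"]), ("t9", ["collector"], ["deposit"]),
]

def index(txs):
    """Map each address to the txids paying it and the output lists of its spends."""
    received, spent = defaultdict(list), defaultdict(list)
    for txid, ins, outs in txs:
        for a in ins:
            spent[a].append(outs)
        for a in outs:
            received[a].append(txid)
    return received, spent

def trace(start, txs, max_hops=6):
    """Walk forward through single-use addresses; return (path, first reused address)."""
    received, spent = index(txs)
    path, addr = [start], start
    for _ in range(max_hops):
        spends = spent.get(addr, [])
        if len(spends) != 1 or len(spends[0]) != 1:
            return path, None        # unspent or branching: stop rather than guess
        addr = spends[0][0]
        path.append(addr)
        if len(received[addr]) > 1:  # paid more than once: candidate collection point
            return path, addr
    return path, None

def common_sinks(starts, txs):
    """Group starting addresses by the reused address their funds reach (2+ only)."""
    groups = defaultdict(list)
    for s in starts:
        sink = trace(s, txs)[1]
        if sink:
            groups[sink].append(s)
    return {k: v for k, v in groups.items() if len(v) > 1}

def forwards_to(addr, txs):
    """Return the single address every spend from `addr` pays, else None."""
    targets = {o for outs in index(txs)[1].get(addr, []) for o in outs}
    return targets.pop() if len(targets) == 1 else None
```

Several independent reports converging on the same reused address is the kind of evidence worth attaching to a law-enforcement or exchange report; a trail that branches or ends unspent is returned as `None` so the output never overstates a link.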
33Pi7...EWgD is KuCoin according to Arkham and so is bc1q9wvygkq7h...y9tz