999 DASH STOLEN

fedpyramid

New Member
Apr 9, 2016
30
12
8
Someone on discord has posed as mocowmoo and stolen 999 dash from my dashcore wallet posing to set up my masternode!!
stolen dash sent to this address XwGTQq59YDeWnDkEqqZjatSDGq3h1UsK82

transaction Id
b8b9e9dc731435a5aabc1d96b823e40ca07b770ff441cde5a069fb7f911b8781-000

Raw Transaction
0100000001d9ebfcf11e729d14c25f20b4bcfeb0da9df9a686a6dff71794aab817e875a39f010000006b483045022100e17e426a4d2388fa996295f66706d605e4b833e473188898b8e0310971fb0fc102201f53181103397f962ec84f7bb58b001083deff1a3ab076b2f7018d6b6bdbf2d20121035716c41accc941b9765a3719a71a6e6090366a81bbe6fe959c4bc756e8e73194feffffff021ee0f505000000001976a91436229e84983939cf08f8116251d40b5b779bfd3888ac00078142170000001976a914e1bdf132fd390b578272c8cb9ea7b0643c2000bc88ac13990e00
 

strophy

Administrator
Dash Core Group
Dash Support Group
Feb 13, 2016
794
519
163
Hi @fedpyramid unfortunately Dash transactions are irreversible. I can only give you the same advice you received on Discord: use your Teamviewer and Discord logs and try to find the IP address of the attacker. Channel moderators or Discord themselves may be able to help you retrieve this once given the Discord username and salt. Your Teamviewer log file might also have some information on the attacker, and Teamviewer may be able to help you. You will need to file a report with authorities and convince them to investigate. This could be a long process, since there is a very good chance the attacker was from another country, and probably also using a VPN. Consider hiring a private investigator.

I'm very sorry to hear about your loss (particularly since you started out following good security practices and using Trezor), and wish you the best in recovering the Dash.

To everyone else: Do not trust people based on their username alone. There are scammers everywhere. Always verify identity on multiple channels. Moocowmoo will always be able to validate his identity using a PGP encrypted message which you can verify on Keybase. If you do not know what this means, do not work with moocowmoo. Think very hard each step of the way if you are doing something that may potentially put your Dash in a position where someone else might have any form of access to your private keys.
 

fedpyramid

New Member
Apr 9, 2016
30
12
8
Private investigator can you recommend anyone in the community?? I’ll pay people to Skype and try help me in anyway I’m desperate. I’ve worked with MooCow I the past last year when I had 4 MN now I’ve just got enough back to operate another node. Please put word out to anyway that can help me gather everdence from teamview and discord. I feel like such a twat, it was on my trezor and I couldn’t get the dashtool to import config line I had paired for the hosting fee and this hacker said that he just had a baby posing as moocow. Please forward to anyone who can help I will pay
 

xkcd

Well-known Member
Masternode Owner/Operator
Feb 19, 2017
557
526
163
australia
mnowatch.org
Dash Address
XpoZXRfr2iFxWhfRSAK3j1jww9xd4tJVez
Hi @fedpyramid what happened to you is terrible. To help others, can you explain how the scammer got to you? You say it happened on Discord where you posted under the username twick#2159. I checked the messages from you and the first one was your post about your hack, how did this scammer target you? You were setting up a Masternode at the time? Can you explain this, please?
 

fedpyramid

New Member
Apr 9, 2016
30
12
8
I had emailed Moocowmoo ( i must be careful as i don't want to drag his name through the mud, but i emailed him 3 times in the last 8 to 10 days and didn't sucessfully contact him via email to help me import conf line into masternode tool) so i made a post in the discord forum (approx 12pm to 2pm Chicago time 16th of october) under dash-masternode-tool asking if someone could get me in contact with moo because i was having difficulties importing the configurartion line into the masternode tool. I recieved a direct message from the hacker posing as moo saying that he just had a baby and i've been away busy. I congratulated him about new born and asked him to help me import the config line into the masternode tool and he told me because of the lastest wallet upgrade we needed to put 1000 back in the dash core wallet and bridge from there, me writing this now almost bring me to tears to see how nieve i was to fall for this hacker i had complete control of the dash in my trezor and i transfered them to the core wallet. The hacker requested me to delete the originally post i made under the dash-tool-chat because he said he didnt want to recieve 1000 calls from the dash admin requesting him to help me set up the trezor. Which i promptly deleted on the discord forum at (approx 2pm to 4pm chicago time on the 16th october). This morning i message the hacker and asked if we could set up node, i gave him my login details on team view. he requested me to unlock core wallet and open debug console which i did he enter into the computer and typed this into the debug console:- ( will add in seperate post ) while he was doing this i thought it was a bit strange how he was communicating so i recorded a video on my Iphone, i seen a 999 withdrawn from my wallet but because i had worked with moocowmoo last year setting up nodes it didnt click straight away that i was being hacked the when i looked on the discord thread on my iphone the moocommoo symbol of the cow disapperead and said "Dеletеd Usеr 627a72ea#4338" then i realised i was fucked. and started to panic. I tried to abandon transaction i started leaving posts all over discord there was 3 confirmations it was terrifying to realized what had happened. i tried to abandon transaction but it wouldn't work i don't know if hacker disabled the abandon function through the debug console so i couldn't cancel transaction.

I was impatient and wanting a ROI of my dash, i followed all instructions on the masternode.me page to get things set up i had even payed hosting fee, I've booked a flight back to Australia tonight to talk to the Australian authorities about the circumstances but from the phone call i have had with them they seem not very interested in the circumstances because i was geographically in India at time of incident.
 

fedpyramid

New Member
Apr 9, 2016
30
12
8
i will Pay $10000 USD for an individual or group that can sucessfully identify and bring these hackers to justice
 

xkcd

Well-known Member
Masternode Owner/Operator
Feb 19, 2017
557
526
163
australia
mnowatch.org
Dash Address
XpoZXRfr2iFxWhfRSAK3j1jww9xd4tJVez
Ah, that makes sense now and I am so sorry for this tohav happened to you. I will talk to the mods about ways it might be prevented in the future, but I cannot help you directly, sorry. I just checked the block chain, your DASH is getting chopped up starting here.
https://chainz.cryptoid.info/dash/tx.dws?9291121.htm
Bad news, it looks like the thief is mixing the coins....
 

healey

New Member
Feb 9, 2017
13
2
3
38
fedpyramid: well, 1) that's extremely risky to unlock the wallet and then
2) allow someone to control that pc remotely using Team Viewer
 
Last edited:

fedpyramid

New Member
Apr 9, 2016
30
12
8
I’m wondering is there some sort of procedure when there is someone who is frauded in the community. I get it blockchain is valuable immutability and all is great for humanity. Right now I’m feeling it’s pretty hard to process that there isn’t any formal process with in the dash network, to mark the addresses the hacker is using to move my capital around the network as maliscious or criminal? We were the first network to have a governance system!! How can we sit by as a network and potentially allow criminals to be operating MN and soaking up the currency supply receiving rewards of the backs of others. I also understand that protecting private keys are acential part of Keeping your money safe, I failed I own 2 trezors and 2 ledgers and still failed. It feels ruthless as a community member to have a limited amount of help in this situation
 
  • Like
Reactions: healey

healey

New Member
Feb 9, 2017
13
2
3
38
^this is an entrepreneurial solution that is needed. For there to be companies that use ip addy detective sleuthing + whatever other techniques to track down criminals who have stolen funds, and capture them in person to retrieve the stolen assets
 

TroyDASH

Well-known Member
Jul 31, 2015
1,254
797
183
I’m wondering is there some sort of procedure when there is someone who is frauded in the community. I get it blockchain is valuable immutability and all is great for humanity. Right now I’m feeling it’s pretty hard to process that there isn’t any formal process with in the dash network, to mark the addresses the hacker is using to move my capital around the network as maliscious or criminal? We were the first network to have a governance system!! How can we sit by as a network and potentially allow criminals to be operating MN and soaking up the currency supply receiving rewards of the backs of others. I also understand that protecting private keys are acential part of Keeping your money safe, I failed I own 2 trezors and 2 ledgers and still failed. It feels ruthless as a community member to have a limited amount of help in this situation
The governance system in Dash is great for making funding decisions and for some forward-looking decisions, but rolling back confirmed transactions or blacklisting certain addresses is beyond its capabilities at the moment (in my opinion, for good reason. It would be quite challenging to have masternodes vote on what is or isn't a criminal transaction). This definitely does feel ruthless and I am so sorry that this happened to you. I am not sure what measures you have already undertaken with respect to law enforcement and/or a private investigator or lawyer, but I'm sure it will be worth the effort to check as many boxes as you can. I don't really know everything that can be done, but there are certainly experts who have experience in cryptocurrency theft who can advise and assist, both in terms of the investigation, or dealing with any issues that may arise with your finances/ tax situation,..etc.
 
  • Like
Reactions: Antti Kaikkonen

xkcd

Well-known Member
Masternode Owner/Operator
Feb 19, 2017
557
526
163
australia
mnowatch.org
Dash Address
XpoZXRfr2iFxWhfRSAK3j1jww9xd4tJVez
The blockchain above all else must remain immutable, we cannot roll back transactions even if it can be proved that they are 100% fraudulent or someone's life depends on it . There are plenty of reasons but a couple would be what level of proof is required to determine the fraud was done? Under which circumstances does the roll back occur? >100 DASH? Or at least 1000 DASH + ? What if a government contacts DCG and asks for roll back how should they respond? There is no circumstance where a chain roll back is acceptable. The value of coin is largely derived from the fact that it is immutable - final. No chargebacks. If it were any less I and many others would sell up and move to an immutable ledger.

Next issue is marking the coins as 'tainted', this is something that Bitcoin does. If you think about it the very ability to mark coins as tainted means the coin is not fungible. Fungible means that each and every coin is the same and exchangable for one another. This means that when you send someone a coin they wont complain that you sending them 'dirty' money, or proceeds of a crime. Fungibility is a property of cash, you have no idea if that cash was used to pay for a murder or a can of soda and it needs to be this way. If it were possible to mark coins as 'tainted' then different coins (UTXOs) would have a different value similar to Bitcoin where a premium is paid for coins created in miner block rewards in the OTC market. Private Send is what makes the DASH blockchain fungible and ensures that all our coins are valued equally. This technology is used for both good and evil, it is used to protect your privacy from spying governments or anyone you send money too, but also as in your case it conceals the identify of the thief.

DASH is Digitial Cash. You have to treat it the same way as cash. If you were mugged on the street and a $100 dollar bill was stolen from you, unless the criminal is caught you will never see that money again, and certainly there is no tracking that bill as it gets spent. Likewise if you drop $100 note in the street, again that money is lost for good and you're never seeing it again.

For these reasons, there is nothing that can be done for you. Cold comfort indeed, but such is life.
 

slamdunk

Member
Jul 31, 2016
119
54
78
www.dash.org
@fedpyramid: this is probably small consolation, but you're not alone. I have made a couple of missteps myself and lost some nice chunks of crypto. I have tried to think about it in terms of my OVERALL BENEFIT from getting into crypto as opposed to these unfortunate incidents. Additionally, through my mistakes, I have learned a WHOLE LOT.

In fact, I have learned from your mistake as well and appreciate your sharing.
 
  • Like
Reactions: xkcd

fedpyramid

New Member
Apr 9, 2016
30
12
8
I agree about immutability, if the bitcoin blockchain was hard folked at Mt Gox hack it could be potentially worthless today. The networks health depends on responsibility and immutability, it makes sense for the network not to roll back transaction or we have a European Central Bank Bail Ins (AKA cypress on our hands)!! The real question is how do we create economic incentive as a network to bring fraudulent players to account without hurting fungibility or immutability, Masternode operators will choose self interest over empathy toward my situation I would assume. Tho the fact remains that if we remain passive towards injustice what does that mean for our brand of governance, is it a slippery slope?? Maybe we should have a bounty system in place directed from the treasury superblock to assist law enforcement with these situations. Or do we just pretend that it didn't happen and allow the hacker to chop up my potential masternode with private send and sell it off through exchanges. They say every problem is an opportunity in disguise, how do we solve this problem through the free market. I got 10k USD for incentive can any one else contribute ideas for incentive to catch the hacker
 

xkcd

Well-known Member
Masternode Owner/Operator
Feb 19, 2017
557
526
163
australia
mnowatch.org
Dash Address
XpoZXRfr2iFxWhfRSAK3j1jww9xd4tJVez
@fedpyramid I am going to go way out on limb and put forward an idea and ask that people mark my post with a green tick if they support or a red x if they do not. Firstly, your funds are now being mixed and almost certainly sold on exchanges, or shapeshifted and are likely unrecoverable. Any kind of intervention at this stage would impact innocent people that inadvertanly bought coins from a mixing session that contain some of your coins. Basically, the money is good as gone. So the proposal I have is this.

Would the community support creating a treasury proposal to 'gift' you 999 DASH out of the treasury in next month's Supeblock? Vote Green Tick YES, or Red X NO.

This wont punish the thief, he still gets away with it, but it at least makes you whole again.
 

Name3

Member
Jun 23, 2017
126
41
78
We can't be gifting to people who lost their money. In the past, I've had two full masternodes taken from me by a hacker, granted this was before the treasury existed. Should I get my 2000 dash also?

By gifting to one person we set a dangerous precedent. Also this is not at all the point of the treasury.
 

Antti Kaikkonen

Active Member
Jun 20, 2017
258
172
103
dashradar.com
Dash Address
XnZdwT1w2kGeH6RujwoyJ7BBNrukdyTBRB
The stolen funds went into mixing the same day (Oct. 20). So I don't think there is much hope of tracing them using blockchain analysis.
 

fedpyramid

New Member
Apr 9, 2016
30
12
8
We can't be gifting to people who lost their money. In the past, I've had two full masternodes taken from me by a hacker, granted this was before the treasury existed. Should I get my 2000 dash also?

By gifting to one person we set a dangerous precedent. Also this is not at all the point of the treasury.
Man I had just bought back a masternode in October after the profit I made last year, dollar cost averaged about 180k USD, I think 2000 dash before the treasury would be under 20k usd if not 10k. Anyway I think it may be worth it to ask the question to the MN question.
 

fedpyramid

New Member
Apr 9, 2016
30
12
8
The stolen funds went into mixing the same day (Oct. 20). So I don't think there is much hope of tracing them
@fedpyramid I am going to go way out on limb and put forward an idea and ask that people mark my post with a green tick if they support or a red x if they do not. Firstly, your funds are now being mixed and almost certainly sold on exchanges, or shapeshifted and are likely unrecoverable. Any kind of intervention at this stage would impact innocent people that inadvertanly bought coins from a mixing session that contain some of your coins. Basically, the money is good as gone. So the proposal I have is this.

Would the community support creating a treasury proposal to 'gift' you 999 DASH out of the treasury in next month's Supeblock? Vote Green Tick YES, or Red X NO.

This wont punish the thief, he still gets away with it, but it at least makes you whole again.
Well I think this makes a really interesting proposal in where we are as a community, I’m trying to think out of the box and I appreciate the suggestion you make. How do I go about making a proposal to the community??
 

fedpyramid

New Member
Apr 9, 2016
30
12
8
@fedpyramid I am going to go way out on limb and put forward an idea and ask that people mark my post with a green tick if they support or a red x if they do not. Firstly, your funds are now being mixed and almost certainly sold on exchanges, or shapeshifted and are likely unrecoverable. Any kind of intervention at this stage would impact innocent people that inadvertanly bought coins from a mixing session that contain some of your coins. Basically, the money is good as gone. So the proposal I have is this.

Would the community support creating a treasury proposal to 'gift' you 999 DASH out of the treasury in next month's Supeblock? Vote Green Tick YES, or Red X NO.

This wont punish the thief, he still gets away with it, but it at least makes you whole again.
Well I would encourage Masternode operators to sit back and think if they had there MN stolen and they lost all that capital and are not making the 10 to 11k USD a year passive income they would be as gutted as I am. Its interesting how people don't give a ****, I have been inadvertently impacted and to a certain degree nieve but I'm also innocent. This is really something to witness
 
Last edited by a moderator:

Antti Kaikkonen

Active Member
Jun 20, 2017
258
172
103
dashradar.com
Dash Address
XnZdwT1w2kGeH6RujwoyJ7BBNrukdyTBRB
Reverting the transaction isn't really even technically possible without rolling back a lot of transactions, because the stolen funds were moved and mixed with other people. Doing this would negatively affect a lot of people and businesses. Imagine buying Dash on an exchange and then finding out that your transaction on the blockchain was reversed and you are left with nothing. In the case of the Ethereum DAO hack it was only possible because the funds were locked in the smart contract for a certain period of time.
 
  • Like
Reactions: colofi

TroyDASH

Well-known Member
Jul 31, 2015
1,254
797
183
Well I would encourage Masternode operators to sit back and think if they had there MN stolen and they lost all that capital and are not making the 10 to 11k USD a year passive income they would be as gutted as I am. Its interesting how people don't give a ****, I have been inadvertently impacted and to a certain degree nieve but I'm also innocent. This is really something to witness
It is possible to still have empathy for someone while at the same time realizing that there is no solution at the protocol-level that would be acceptable to remedy this. It is very regrettable, but there are many others who have also lost significant amounts of Dash to hackers in the past, and certainly there will be many others in the future.
Have you been able to get in touch with a professional private investigator or attorney who might be able to assist you? The Dash community can be very resourceful, but I think that the Dash community is not the most well-equipped to help you with this, other than to direct you to experts in the field that you can work with one-on-one.
 

GrandMasterDash

Grizzled Member
Masternode Owner/Operator
Jul 12, 2015
3,424
1,459
1,183
What do you mean? How flat fee usernames can solve this problem?
I was saying, there will be many events like this, forever, if dash goes ahead with DIP 5 Blockchain Usernames. Names like "IRS", "Admin" and numerous others will be sucked up. Although they are not free, they will be affordable and the only price discovery will be after the fact (re-sale). Educating the masses, telling them that "Admin" is not admin, will be a very expensive process. IMO, DIP 5 in it's current form will cause irreparable damage to dash's reputation.

"Someone on discord has posed as mocowmoo and stolen 999 dash from my dashcore wallet"​

We need to put the brakes on DIP 5, it must not go ahead in it's current form.
 

tungfa

Grizzled Member
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,898
6,747
1,283
Exactly. In case the thief decides to exit the Dash universe, he will be caught by the KYC of the exchange.
do not hold your breath
if he is clever enough he will split this up , convert to other currencies and exit with no issues (unfortunately)
 

tungfa

Grizzled Member
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,898
6,747
1,283
What do you mean split up?
If the thief exits the Dash Universe by using two or more names, these names will also be caught by the KYC of the exchanges.
So the first thing to do is to expand the graph of @Antti Kaikkonen and spot the exit points.
Of course in such cases of emergency, the community should react ASAP and should not remain pasive.
Unfortunately nobody cares for the pain of the other. Until the pain hits you.
everybody cares
as everybody is scared it will happen to him / her one day !
999 dash is a ton of money - so i suggest to hire a professional cyber security guy to track this down !
do NOT count on the community to sort this out for you - that is not their job - u are your own bank !
“splitting up” = send 20 dash here / send 50 dash there / ....
in theory u are right , but tbh there are still enough exit holes without kyc available !