999 DASH STOLEN

[fedpyramid]

Someone on discord has posed as mocowmoo and stolen 999 dash from my dashcore wallet posing to set up my masternode!!
stolen dash sent to this address XwGTQq59YDeWnDkEqqZjatSDGq3h1UsK82

transaction Id
b8b9e9dc731435a5aabc1d96b823e40ca07b770ff441cde5a069fb7f911b8781-000

Raw Transaction
0100000001d9ebfcf11e729d14c25f20b4bcfeb0da9df9a686a6dff71794aab817e875a39f010000006b483045022100e17e426a4d2388fa996295f66706d605e4b833e473188898b8e0310971fb0fc102201f53181103397f962ec84f7bb58b001083deff1a3ab076b2f7018d6b6bdbf2d20121035716c41accc941b9765a3719a71a6e6090366a81bbe6fe959c4bc756e8e73194feffffff021ee0f505000000001976a91436229e84983939cf08f8116251d40b5b779bfd3888ac00078142170000001976a914e1bdf132fd390b578272c8cb9ea7b0643c2000bc88ac13990e00

 

[fedpyramid]

Can anyone point me toward some support ive had 9 views????

 

[strophy]

Hi @fedpyramid unfortunately Dash transactions are irreversible. I can only give you the same advice you received on Discord: use your Teamviewer and Discord logs and try to find the IP address of the attacker. Channel moderators or Discord themselves may be able to help you retrieve this once given the Discord username and salt. Your Teamviewer log file might also have some information on the attacker, and Teamviewer may be able to help you. You will need to file a report with authorities and convince them to investigate. This could be a long process, since there is a very good chance the attacker was from another country, and probably also using a VPN. Consider hiring a private investigator.

I'm very sorry to hear about your loss (particularly since you started out following good security practices and using Trezor), and wish you the best in recovering the Dash.

To everyone else: Do not trust people based on their username alone. There are scammers everywhere. Always verify identity on multiple channels. Moocowmoo will always be able to validate his identity using a PGP encrypted message which you can verify on Keybase. If you do not know what this means, do not work with moocowmoo. Think very hard each step of the way if you are doing something that may potentially put your Dash in a position where someone else might have any form of access to your private keys.

 

[fedpyramid]

Private investigator can you recommend anyone in the community?? I’ll pay people to Skype and try help me in anyway I’m desperate. I’ve worked with MooCow I the past last year when I had 4 MN now I’ve just got enough back to operate another node. Please put word out to anyway that can help me gather everdence from teamview and discord. I feel like such a twat, it was on my trezor and I couldn’t get the dashtool to import config line I had paired for the hosting fee and this hacker said that he just had a baby posing as moocow. Please forward to anyone who can help I will pay

 

[xkcd]

Hi @fedpyramid what happened to you is terrible. To help others, can you explain how the scammer got to you? You say it happened on Discord where you posted under the username twick#2159. I checked the messages from you and the first one was your post about your hack, how did this scammer target you? You were setting up a Masternode at the time? Can you explain this, please?

 

[fedpyramid]

I had emailed Moocowmoo ( i must be careful as i don't want to drag his name through the mud, but i emailed him 3 times in the last 8 to 10 days and didn't sucessfully contact him via email to help me import conf line into masternode tool) so i made a post in the discord forum (approx 12pm to 2pm Chicago time 16th of october) under dash-masternode-tool asking if someone could get me in contact with moo because i was having difficulties importing the configurartion line into the masternode tool. I recieved a direct message from the hacker posing as moo saying that he just had a baby and i've been away busy. I congratulated him about new born and asked him to help me import the config line into the masternode tool and he told me because of the lastest wallet upgrade we needed to put 1000 back in the dash core wallet and bridge from there, me writing this now almost bring me to tears to see how nieve i was to fall for this hacker i had complete control of the dash in my trezor and i transfered them to the core wallet. The hacker requested me to delete the originally post i made under the dash-tool-chat because he said he didnt want to recieve 1000 calls from the dash admin requesting him to help me set up the trezor. Which i promptly deleted on the discord forum at (approx 2pm to 4pm chicago time on the 16th october). This morning i message the hacker and asked if we could set up node, i gave him my login details on team view. he requested me to unlock core wallet and open debug console which i did he enter into the computer and typed this into the debug console:- ( will add in seperate post ) while he was doing this i thought it was a bit strange how he was communicating so i recorded a video on my Iphone, i seen a 999 withdrawn from my wallet but because i had worked with moocowmoo last year setting up nodes it didnt click straight away that i was being hacked the when i looked on the discord thread on my iphone the moocommoo symbol of the cow disapperead and said "Dеletеd Usеr 627a72ea#4338" then i realised i was fucked. and started to panic. I tried to abandon transaction i started leaving posts all over discord there was 3 confirmations it was terrifying to realized what had happened. i tried to abandon transaction but it wouldn't work i don't know if hacker disabled the abandon function through the debug console so i couldn't cancel transaction.

I was impatient and wanting a ROI of my dash, i followed all instructions on the masternode.me page to get things set up i had even payed hosting fee, I've booked a flight back to Australia tonight to talk to the Australian authorities about the circumstances but from the phone call i have had with them they seem not very interested in the circumstances because i was geographically in India at time of incident.

 

[fedpyramid]

i will Pay $10000 USD for an individual or group that can sucessfully identify and bring these hackers to justice

 

[xkcd]

Ah, that makes sense now and I am so sorry for this tohav happened to you. I will talk to the mods about ways it might be prevented in the future, but I cannot help you directly, sorry. I just checked the block chain, your DASH is getting chopped up starting here.
https://chainz.cryptoid.info/dash/tx.dws?9291121.htm
Bad news, it looks like the thief is mixing the coins....

 

[TaoOfSatoshi]

This is sickening.

 

[healey]

fedpyramid: well, 1) that's extremely risky to unlock the wallet and then
2) allow someone to control that pc remotely using Team Viewer

 

[fedpyramid]

I’m wondering is there some sort of procedure when there is someone who is frauded in the community. I get it blockchain is valuable immutability and all is great for humanity. Right now I’m feeling it’s pretty hard to process that there isn’t any formal process with in the dash network, to mark the addresses the hacker is using to move my capital around the network as maliscious or criminal? We were the first network to have a governance system!! How can we sit by as a network and potentially allow criminals to be operating MN and soaking up the currency supply receiving rewards of the backs of others. I also understand that protecting private keys are acential part of Keeping your money safe, I failed I own 2 trezors and 2 ledgers and still failed. It feels ruthless as a community member to have a limited amount of help in this situation

 

[healey]

^this is an entrepreneurial solution that is needed. For there to be companies that use ip addy detective sleuthing + whatever other techniques to track down criminals who have stolen funds, and capture them in person to retrieve the stolen assets

 

[TroyDASH]

I’m wondering is there some sort of procedure when there is someone who is frauded in the community. I get it blockchain is valuable immutability and all is great for humanity. Right now I’m feeling it’s pretty hard to process that there isn’t any formal process with in the dash network, to mark the addresses the hacker is using to move my capital around the network as maliscious or criminal? We were the first network to have a governance system!! How can we sit by as a network and potentially allow criminals to be operating MN and soaking up the currency supply receiving rewards of the backs of others. I also understand that protecting private keys are acential part of Keeping your money safe, I failed I own 2 trezors and 2 ledgers and still failed. It feels ruthless as a community member to have a limited amount of help in this situation

The governance system in Dash is great for making funding decisions and for some forward-looking decisions, but rolling back confirmed transactions or blacklisting certain addresses is beyond its capabilities at the moment (in my opinion, for good reason. It would be quite challenging to have masternodes vote on what is or isn't a criminal transaction). This definitely does feel ruthless and I am so sorry that this happened to you. I am not sure what measures you have already undertaken with respect to law enforcement and/or a private investigator or lawyer, but I'm sure it will be worth the effort to check as many boxes as you can. I don't really know everything that can be done, but there are certainly experts who have experience in cryptocurrency theft who can advise and assist, both in terms of the investigation, or dealing with any issues that may arise with your finances/ tax situation,..etc.

 

[xkcd]

The blockchain above all else must remain immutable, we cannot roll back transactions even if it can be proved that they are 100% fraudulent or someone's life depends on it . There are plenty of reasons but a couple would be what level of proof is required to determine the fraud was done? Under which circumstances does the roll back occur? >100 DASH? Or at least 1000 DASH + ? What if a government contacts DCG and asks for roll back how should they respond? There is no circumstance where a chain roll back is acceptable. The value of coin is largely derived from the fact that it is immutable - final. No chargebacks. If it were any less I and many others would sell up and move to an immutable ledger.

Next issue is marking the coins as 'tainted', this is something that Bitcoin does. If you think about it the very ability to mark coins as tainted means the coin is not fungible. Fungible means that each and every coin is the same and exchangable for one another. This means that when you send someone a coin they wont complain that you sending them 'dirty' money, or proceeds of a crime. Fungibility is a property of cash, you have no idea if that cash was used to pay for a murder or a can of soda and it needs to be this way. If it were possible to mark coins as 'tainted' then different coins (UTXOs) would have a different value similar to Bitcoin where a premium is paid for coins created in miner block rewards in the OTC market. Private Send is what makes the DASH blockchain fungible and ensures that all our coins are valued equally. This technology is used for both good and evil, it is used to protect your privacy from spying governments or anyone you send money too, but also as in your case it conceals the identify of the thief.

DASH is Digitial Cash. You have to treat it the same way as cash. If you were mugged on the street and a $100 dollar bill was stolen from you, unless the criminal is caught you will never see that money again, and certainly there is no tracking that bill as it gets spent. Likewise if you drop $100 note in the street, again that money is lost for good and you're never seeing it again.

For these reasons, there is nothing that can be done for you. Cold comfort indeed, but such is life.

 

[slamdunk]

@fedpyramid: this is probably small consolation, but you're not alone. I have made a couple of missteps myself and lost some nice chunks of crypto. I have tried to think about it in terms of my OVERALL BENEFIT from getting into crypto as opposed to these unfortunate incidents. Additionally, through my mistakes, I have learned a WHOLE LOT.

In fact, I have learned from your mistake as well and appreciate your sharing.

 

[fedpyramid]

I agree about immutability, if the bitcoin blockchain was hard folked at Mt Gox hack it could be potentially worthless today. The networks health depends on responsibility and immutability, it makes sense for the network not to roll back transaction or we have a European Central Bank Bail Ins (AKA cypress on our hands)!! The real question is how do we create economic incentive as a network to bring fraudulent players to account without hurting fungibility or immutability, Masternode operators will choose self interest over empathy toward my situation I would assume. Tho the fact remains that if we remain passive towards injustice what does that mean for our brand of governance, is it a slippery slope?? Maybe we should have a bounty system in place directed from the treasury superblock to assist law enforcement with these situations. Or do we just pretend that it didn't happen and allow the hacker to chop up my potential masternode with private send and sell it off through exchanges. They say every problem is an opportunity in disguise, how do we solve this problem through the free market. I got 10k USD for incentive can any one else contribute ideas for incentive to catch the hacker

 

[xkcd]

@fedpyramid I am going to go way out on limb and put forward an idea and ask that people mark my post with a green tick if they support or a red x if they do not. Firstly, your funds are now being mixed and almost certainly sold on exchanges, or shapeshifted and are likely unrecoverable. Any kind of intervention at this stage would impact innocent people that inadvertanly bought coins from a mixing session that contain some of your coins. Basically, the money is good as gone. So the proposal I have is this.

Would the community support creating a treasury proposal to 'gift' you 999 DASH out of the treasury in next month's Supeblock? Vote Green Tick YES, or Red X NO.

This wont punish the thief, he still gets away with it, but it at least makes you whole again.

 

[Name3]

We can't be gifting to people who lost their money. In the past, I've had two full masternodes taken from me by a hacker, granted this was before the treasury existed. Should I get my 2000 dash also?

By gifting to one person we set a dangerous precedent. Also this is not at all the point of the treasury.

 

[GrandMasterDash]

Expect a lot more of this when flat fee usernames are released.

 

[Antti Kaikkonen]

The stolen funds went into mixing the same day (Oct. 20). So I don't think there is much hope of tracing them using blockchain analysis.

 

[Antti Kaikkonen]

Can you show us the chart in dashradar?

Sometimes the chart reveals that the mixed coins regroup.

Sure. Import this to https://dashradar.com/graph. You can do that by clicking the green "+" icon and selecting Import from JSON.

 

[fedpyramid]

We can't be gifting to people who lost their money. In the past, I've had two full masternodes taken from me by a hacker, granted this was before the treasury existed. Should I get my 2000 dash also?

By gifting to one person we set a dangerous precedent. Also this is not at all the point of the treasury.

Man I had just bought back a masternode in October after the profit I made last year, dollar cost averaged about 180k USD, I think 2000 dash before the treasury would be under 20k usd if not 10k. Anyway I think it may be worth it to ask the question to the MN question.

 

[fedpyramid]

The stolen funds went into mixing the same day (Oct. 20). So I don't think there is much hope of tracing them

@fedpyramid I am going to go way out on limb and put forward an idea and ask that people mark my post with a green tick if they support or a red x if they do not. Firstly, your funds are now being mixed and almost certainly sold on exchanges, or shapeshifted and are likely unrecoverable. Any kind of intervention at this stage would impact innocent people that inadvertanly bought coins from a mixing session that contain some of your coins. Basically, the money is good as gone. So the proposal I have is this.

Would the community support creating a treasury proposal to 'gift' you 999 DASH out of the treasury in next month's Supeblock? Vote Green Tick YES, or Red X NO.

This wont punish the thief, he still gets away with it, but it at least makes you whole again.

Well I think this makes a really interesting proposal in where we are as a community, I’m trying to think out of the box and I appreciate the suggestion you make. How do I go about making a proposal to the community??

 

[fedpyramid]

@fedpyramid I am going to go way out on limb and put forward an idea and ask that people mark my post with a green tick if they support or a red x if they do not. Firstly, your funds are now being mixed and almost certainly sold on exchanges, or shapeshifted and are likely unrecoverable. Any kind of intervention at this stage would impact innocent people that inadvertanly bought coins from a mixing session that contain some of your coins. Basically, the money is good as gone. So the proposal I have is this.

Would the community support creating a treasury proposal to 'gift' you 999 DASH out of the treasury in next month's Supeblock? Vote Green Tick YES, or Red X NO.

This wont punish the thief, he still gets away with it, but it at least makes you whole again.

Well I would encourage Masternode operators to sit back and think if they had there MN stolen and they lost all that capital and are not making the 10 to 11k USD a year passive income they would be as gutted as I am. Its interesting how people don't give a ****, I have been inadvertently impacted and to a certain degree nieve but I'm also innocent. This is really something to witness

 

[Antti Kaikkonen]

Reverting the transaction isn't really even technically possible without rolling back a lot of transactions, because the stolen funds were moved and mixed with other people. Doing this would negatively affect a lot of people and businesses. Imagine buying Dash on an exchange and then finding out that your transaction on the blockchain was reversed and you are left with nothing. In the case of the Ethereum DAO hack it was only possible because the funds were locked in the smart contract for a certain period of time.

 

[TroyDASH]

Well I would encourage Masternode operators to sit back and think if they had there MN stolen and they lost all that capital and are not making the 10 to 11k USD a year passive income they would be as gutted as I am. Its interesting how people don't give a ****, I have been inadvertently impacted and to a certain degree nieve but I'm also innocent. This is really something to witness

It is possible to still have empathy for someone while at the same time realizing that there is no solution at the protocol-level that would be acceptable to remedy this. It is very regrettable, but there are many others who have also lost significant amounts of Dash to hackers in the past, and certainly there will be many others in the future.
Have you been able to get in touch with a professional private investigator or attorney who might be able to assist you? The Dash community can be very resourceful, but I think that the Dash community is not the most well-equipped to help you with this, other than to direct you to experts in the field that you can work with one-on-one.

 

[GrandMasterDash]

What do you mean? How flat fee usernames can solve this problem?

I was saying, there will be many events like this, forever, if dash goes ahead with DIP 5 Blockchain Usernames. Names like "IRS", "Admin" and numerous others will be sucked up. Although they are not free, they will be affordable and the only price discovery will be after the fact (re-sale). Educating the masses, telling them that "Admin" is not admin, will be a very expensive process. IMO, DIP 5 in it's current form will cause irreparable damage to dash's reputation.

"Someone on discord has posed as mocowmoo and stolen 999 dash from my dashcore wallet"​

We need to put the brakes on DIP 5, it must not go ahead in it's current form.

 

[BoomDashOpera]

Great work @colofi and @Antti Kaikkonen! Surely these stolen DASH can be traced? There would have to be a cash out point at some stage or a wallet/exchange that would require KYC.

 

[tungfa]

Exactly. In case the thief decides to exit the Dash universe, he will be caught by the KYC of the exchange.

do not hold your breath
if he is clever enough he will split this up , convert to other currencies and exit with no issues (unfortunately)

 

[tungfa]

What do you mean split up?
If the thief exits the Dash Universe by using two or more names, these names will also be caught by the KYC of the exchanges.
So the first thing to do is to expand the graph of @Antti Kaikkonen and spot the exit points.
Of course in such cases of emergency, the community should react ASAP and should not remain pasive.
Unfortunately nobody cares for the pain of the other. Until the pain hits you.

everybody cares
as everybody is scared it will happen to him / her one day !
999 dash is a ton of money - so i suggest to hire a professional cyber security guy to track this down !
do NOT count on the community to sort this out for you - that is not their job - u are your own bank !
“splitting up” = send 20 dash here / send 50 dash there / ....
in theory u are right , but tbh there are still enough exit holes without kyc available !