The Anatomy of an Ethereum Scam

in #scam6 years ago (edited)

The anatomy of an ethereum scam

TL;DR:

I was recently robbed of some Ethereum. This was an unknown scam to me which goes as follows:

• You approach/are approached about a private investment group on Telegram
• You are invited to a Telegram chatroom with a number of people, names probably change but for me they were Walton, Andrei, Curtis, Paul – here they ask you questions about your ICO history and give you a spiel about how amazing they are as a team in getting into private deals
• You’re asked to ‘contribute’ somehow – for me it was agreeing to do research
• Eventually you’re pulled into a meeting where they divide up an allocation to a big project, everyone is given unique eth addresses to send funds to. Once your funds are received you are banned

Preamble:

This is a story about how I was robbed of 2 ethereum. Although I’m fundamentally reticent to, I’m telling this story because I’d like to stop someone else getting caught out by the same group of people, or the same tactic. That’s about where it ends though – I’m not expecting a white knight in shining armour to find the guys and force them to return my eth (although of course that would be nice), I’m not looking for any sympathy, and I’m not expecting much at all to come of it, but through this catharsis of laying it all out on the table, if one person who would have otherwise been caught out manages not to then that would be amazing. (P.s. If that does happen please deliver a message from me and tell them to go fuck themselves).

Also before we kick this into drive, I’ve seen stories of people being scammed many times with varying degrees of sophistication – sometimes the person was lazy with their private keys, sometimes ignorant of how to keep important info saved, sometimes the victim of more elaborate scams such as DNS spoofing. Bar a few cases there is always the general opinion that they were [insert expletive] idiots and deserved to lose their funds. Sympathy is scant and derision par for the course. Hell I’ve been part of the chorus in some instances where people have been especially stupid (I’m not just a bastard to everyone although perhaps even the occasional shake of the head at evident stupidity sparked off a karmic rebuttal). The reason I bring this up, and I’ll bring it up a few times just in case, is that I 100% completely take responsibility for being a freaking idiot in this instance.

One way ticket to scam town: 2 eth

The whole thing kicked off on May 15th when after seeing a user called Curtis Tolbert mention being in a private investment group in the Shivom telegram channel I reached out to them, super humble, asking for details and if they would accept new people. I’d been in a couple of ICO pools and was looking out for new groups to join.
Curtis acted aloof and nonchalant putting me in brown-nose mode and basically begging for a look in. He said he’d talk to his ‘leader’ and get back to me. Over the next 6 days we went back and forth – when they were ready to talk to me I wasn’t available, and vice versa. Eventually everyone found a time that worked and I was told to sign up to and use Teamspeak to chat to the guys. Shortly thereafter I was in their Teamspeak lobby where they had a list of ICO’s as rooms. Edenchain, NEX, Quark, Atonomi, One Ledger. I fist pumped – I’d hit the jackpot. If these guys could get in at private sale stage for these projects I had hit the jackpot!

Curtis.PNG

In the chat were a number of people. Curtis the guy who had arranged the meet, Paul their leader, Andreii and 2 others who I’ve forgotten now. Paul spoke with a very pronounced South African accent and they started the chat. Paul tells me that he’s been in Crypto for years, hit all the conferences, knew all the people and was very well connected so he could get in the door at basically anywhere. Curtis was one of the technical specialists who could dismantle a whitepaper and make sure it was above board. One of them was a senior marketing dude, and due to his marketing expertise they had arranged a private deal with Quarkchain that no one else had got because he was helping them with their strategy. Andreii was a wall-street private equity guy. They had all the bases covered. They asked me about my history, what ICO’s I’d invested in, what I could bring to the table etc. We settled on research – I could help them ‘find the next wanchain’. Worked for me – I do research on ICO projects in my spare time to work out what to get into, why not help these guys out and get a nice bonus for it?

We left it at that, a week goes by – I’m super busy at work and home so don’t do anything, but I log on once or twice to ask questions about which kind of projects they’d be interested in. Infrastructure projects, Paul tells me (go figure) – okay fine. Meeting coming up tomorrow, I’ll try and be there.

I’m busy again that night but in the morning see the chat from the previous night as my laptop was idle. ‘We’re going to try and finalise edenchain tonight – who’s liquid?’. Few messages back and forth. Paul pokes me twice. Nothing more than that really. I make my apologies and say I’ll be around next time.

Now a small detail I should add is that the rooms were named [Project name – private sale], and this was the case for all but Edenchain, which was labelled ‘Edenchain – Strategic Private Sale]’. This was a clever move as for all the hype Edenchain has received it’s been well documented they only worked with strategic partners at private sale stage, but I should have also seen a massive big red flag flashing at my face burning into my retina because I also know that Edenchain private deals were all done and dusted, public sale was around the corner so why would they still have an allocation? None the less my confirmation bias was well and truly raging and so I just assumed that these guys were so legit that the rules didn’t apply to them. Here comes that disclaimer again: yes I know I’m a massive stupid idiot. I don’t need people to remind me.

Next day rolls around. Meeting starts – this time we’re finalising quarkchain. Damnit I must have been too late for Edenchain but Quarkchain will do! Paul recounts to the group in his laid back south African accent a story about the SAFT, how the bonus is actually closer to 50% than the 40% that had been organised. I hear a baby babbling in the background – perhaps a recording to make this all the more authentic, perhaps an actual baby. Paul goes on: our allocation is 1,200 eth – how much does everyone want? ‘800’ says one guy ‘400’ another. Paul gets audibly frustrated with Curtis who isn’t on voice and only using the text chat for being tardy with his responses. ‘Curtis it really would be better if you were on voice’. No one wants to upset Paul, even worse disappoint him. You fool Curtis, put your damned microphone on. Curtis types that he wants 300, microphone isn’t working or something like that.

I’m sitting there as the group reel off how liquid they are and what they want while I’m frantically trying to sell some BTC to make my 1 eth into 2 eth. GDAX is doing its level best to fuck with me. At this point I’m in a mild panic. What if they laugh me out of the room for only having 2 eth to bring to the whale party? (In hindsight, that beautiful 20:20 bitch, who gives a shit?). I croak out 2 eth and say something about being tied up in other projects. On reflection I think I can remember Paul’s voice change a little – I wasn’t the pay day they were hoping for perhaps. In any case at this point I’ve forced market orders through GDAX and the transfer out to my wallet is in process. Paul taps away on a calculator (oh Paul you’ve done this before you Machiavellian fuck). There is some eth left over, who wants it? I’m not really listening at this point I just don’t want to be holding this whale party up. My little flipper is trembling in the wake of these blue whale motherfuckers, and like the nutter who rides the drift of an 18-wheel lorry I’m just praying I don’t get caught out by an errant change in pace.

The allocations are finally agreed, and Paul sends everyone an address for them to send their eth into. Why we’re not sending it to the same address makes no sense, but I appear to be suddenly colour blind. The red flags are coming thick and fast but I’m just seeing a brown blur. Paul is checking in the amounts: ‘Curtis yours has arrived, got yours Andrei’. I’m starting to perspire. ‘Hold on a sec my ledger is being tricky’, I mumble into the headset. That’s it, stick them with the fact you have a ledger that will impress them a little bit. My adrenal glands start pumping adrenaline into my blood and my heart begins to beat faster. Finally my eth arrives from GDAX. I punch in the wallet address, turn up the gwei and send my 2 wonderful Ethereum into the… er… ether. Gas was high so it should be there quickly. I wait. 5 seconds passes, someone else’s allocation gets confirmed by Paul. 10 seconds passes. ‘Got yours’ Paul says. I relax for a few seconds – I made the team, didn’t hold the party up and Quark chain will be a good turn around. And then, just as my sympathetic nervous system clicks off and the warm after-burn of an adrenaline spike begins to spread across my chest I hear the robotic Teamspeak voice tell me ‘You were banned’ and the Teamspeak window closes. The air is suddenly sucked out of the room.

We have lost cabin pressure

I’ve not ever experienced a penny drop moment so viscerally before. In the long seconds that follow, the events of the past 2 weeks beging to un-ravel and my temporary colour blindness is replaced with incredible psychedelic clarity – all the hues of red come flooding back to the muted colour swatches of the past 2 weeks as nudge after nudge along the path to this moment sit before me as clear as day. My stomach twists and the feeling of nausea surges up and settles at the base of my neck. ‘Keep it down’ I tell myself while trying to control the panic and decide what I could do to reverse the situation. Nothing is the obvious reply, I know this already, but we cling to desperate threads in time of crisis. The realisation that I’ve been ‘done’ is multi-layered and it builds in intensity – much like the heat of a ghost pepper as it creeps down your neck and through your sinuses gradually. It took some long moments of reflection and acceptance before I could sleep that night. Furious with myself, furious with the guys that scammed me. Heartbroken for the poor child who has to call that asshole their father. In some ways hearing the fact that ‘Paul’ had a kid has made this far worse – I could reconcile that a jackass conman could do this, but the idea that a father could?

In the immediate aftermath I thought there was a chance that they were legit but just decided to take my eth and run, almost as a punishment for a minnow trying to get mixed up with some whales, I even reached out to Quarkchain to confirm (no reply, go figure), but having watched the address and followed it to another wallet I realise that these guys are having far more success with other victims. I lost 2 eth, but the current total funds in the wallet (most of which I am assuming are stolen) is around 800 eth. If you search through the incoming transactions there are a few other wallets with comments from people who were screwed over by the same guys.

I was even approached by people in the comments on etherscan – one of whom told me my funds would be back with me by the end of the day. I humoured them but never really expected much and true enough they were just fucking with me (no shit Sherlock). The other offered to sell me incriminating evidence that I could use to land these guys in jail for 10 eth. They knew the scam, knew the format, but to be honest they could very well just be the same guys trying to get more out of me, and in any case 10 eth to recover 2 is a ridiculous proposition.

marcopolo2.PNG
marcopolo.PNG

Since then the comments have blown up on the wallet, some people saying the perps are being tracked, some saying there are investigations going on, but no details could be released. At the very least it’s very much on the radar of a lot of people. I don’t personally hold out much hope of getting my funds back but I really hope the others who lost significantly more than me do.

Dissecting my stupidity

I realised that ultimately the thing to blame here is greed on my part – I was way too emotionally invested in getting into groups with superior deals. The visceral response to getting mixed up with these guys is a clear indication of that. I can be angry at the scammers as much as I like but really it was my flaw that was exploited. This is very much something I will try to learn from – I genuinely believe in some of the incredible projects that are being built on blockchain technology and to be honest that should be enough.

Because I was compromised my usual cynicism and sceptical attitude went out of the window. The red flags that I missed were myriad, such as not questioning how these private round allocations were still open so close to crowd sale, not asking why we weren’t contributing to the same eth address, not asking for proof of the other member transactions, jesus – not even getting full names of these strangers! In my pursuit to appear ‘legit’ and serious I threw all my normal checks out of the window, and in a beautifully orchestrated irony became the antithesis of a serious player.

Putting it all to bed

As I said at the start my motivation here was to stop someone else falling into the same trap that I did, but also as a way of putting this whole regrettable event to bed for me so I can move on. For the purposes transparency/evidence, the eth address where the stolen funds currently sit is here: https://etherscan.io/address/0x788da3190b020f615cae4f2c31813cd0b6a1de2b - as you’ll see unfortunately there are a lot of them. The comments section makes for sad reading, and if you follow the trails back to the original scam wallets you’ll also see a sorry sight for sore eyes.

I genuinely hope these guys get caught and have to return their funds, but anyone kidding themselves at this game isn’t the wild west is in denial and unfortunately I don’t hold out much hope of this happening.

P.S. yes I know I'm an idiot.

P.P.S. As a final follow-up, I should also make the point that I genuinely have never invested more than I could 'afford' to lose in crypto. While this stung I'm quietly comforted by the fact that I stuck to that rule so if there is anything to come out of this then it should be please, please only ever invest what you can afford to lose - whether that loss is from market movements or being exploited at least you should be able to cover it if it does happen.

Sort:  

@marcopolocafers, I gave you an upvote on your first post! Please give me a follow and I will give you a follow in return!

Please also take a moment to read this post regarding bad behavior on Steemit.

Passing by and Upvoted you :) !
:
“aphorism 90: ====> Matt Berry

If you've been affected by this scam and want to join a group on Telegram of others who have been, email me at Marcopoloeth@protonmail.com with your Disqus displayname.

Congratulations @marcopolocafers! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

You made your First Comment

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last announcement from @steemitboard!

Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

Congratulations @marcopolocafers! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 1 year!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Do not miss the last post from @steemitboard:

Are you a DrugWars early adopter? Benvenuto in famiglia!
Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Congratulations @marcopolocafers! You received a personal award!

Happy Steem Birthday! - You are on the Steem blockchain for 2 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Do not miss the last post from @steemitboard:

Downvote challenge - Add up to 3 funny badges to your board
Vote for @Steemitboard as a witness to get one more award and increased upvotes!