Grams

I cant find that post with that muppet loosing 60BTC, I was gonna jump in and say what a retard he was (but I was beaten to it by many people) but also youve gotta take a long hard look at grams, they say its not their fault cos they were hacked, either way its a big red flag, hacked = shitty netsec, not hacked = scamming and/or incompetent

The admin at sigaint weighed in and that coupled with a little digging by zaphod seems to be shitting all over the grams team http://thehub7gqe43miyc.onion/index.php?topic=19345.0

It could all be a case of someone forging the email to trick that guy into parting with his 60 and grams have nothing to do with any of it of course, but then I dont know why sigaint would have stepped up


Comments


[10 Points] None:

[deleted]


[7 Points] ziz1:

I cant find that post with that muppet loosing 60BTC

He deleted it, along with his account:

https://www.reddit.com/r/DarkNetMarkets/comments/4hngm9/grams_mixer_have_stolen_60_btc_from_me/

https://www.reddit.com/user/dccrux


[5 Points] gramsadmin:

Hi all, Let me address some of the address some of these concerns. There is a lot of info and points I need to talk about, I'm sorry for this being so long.

The shilling accusations

Vendor_bbmc has had it out for me for a long time. I don't know why, maybe he works for bitcoin fog or someone else. I have nothing against him , and everyone is entitled to their opinion. This is what I know.** I have never shilled. I have never said anything bad about bitcoin fog.** I have never collaborated with any mods against any service including bitcoin fog. If look back at all the bitcoin fog complains you will see a bunch of complaints from trusted users with 6 month old accounts. Yes there were a lot of new accounts complaining but it wasn't just new accounts. I even wrote a message to the mod/lolibal a while ago when all complaints were coming in about bcf explaining that I didn't think they were intentional y stealing coins. I noticed a pattern when ever Agora was down for server upgrades bitcoin fog got selective scam complaints. My theory was that bitcoin fog and Agora were run by the same people ( which other people said) and when they did the server upgrades they weren't transferring the db correctly and some of the newer accounts didn't get transferred. This would explain why users were complaining saying they created a new account and then went to log in an hour later and their account was no longer there. I ask them to research in to this or let bitcoin fog know. I don't know if these new mods can see those old messages I sent to them , but they might be able to verify I sent that message. I think it is funny that Vendor_bbmc keeps saying there is no proof bcf was scamming, but at the same time there is no proof at I was shilling and he keeps bringing that up.

PGP

In the hub post they mention there was a post a while ago about gramsteam not encrypting the return address. I know this was a problem and this happen right after I hired him. After that post I told him he need to fix it and always use PGP if they included their pgp key in the future. Since gramsteam has been doing an excellent job. We get around 40 emails a day from people who sent to many transactions to a helix or some other problem with missing coins. We make sure that everyone of those people get their coins. About our pgps being insecure. We will be updating them this week.

60 bitcoin guy.

This is what happened. My email was hacked for about a day. I think it was brute forced since my password was not that secure. He sent out a bunch of emails to people say there coins weren't tumbled correctly and to send them back to be retumbled. I now think no one when fell for it. At the time I thought some did. I was getting emails from people saying they had been scammed by this person. I felt bad for them and sent them bitcoins from me to make up for it. I now think these people were the scammer. So about a week ago I got an email from the scammer saying he hacked my email again and that he was stealing from people again. I knew this was not possible because my new password was very secure. about an hour later I got an email come in from some random guy saying he had been scammed for 24 bitcoins by an email from me. I was very skeptical and asked for the email he got and the transaction id of the bitcoins he sent to the scammer. He sent me just the transaction id. The transaction was for 26.4 and was split to 5 different address none of which even coming close to 24 btc. I told him the transaction amount didn't match what he was saying. I never heard back from him. An hour later I got a similar email form someone else saying they got scammed for 25 bitcoins. I asked for the same information as before. This time the transaction amounts matched but I looked into it on wallet explorer and could easily tell it was internal tumbler transaction for a major bitcoin company. You could see every hour they sent 25 btc to a different wallet. I could clearly see he just found a random transaction on the blockchain and tried to use it. I asked him if he worked for that company and never heard back from him. A couple hours later I got a message from some with a similar story and they provided a screen shot of the email and a transaction id. What they didn't notice is the date on the email from the scammer said April 30th and the transaction id they sent was from april 27th. I never even responded to that one because I knew it was the same scammer. Later that day I got an email from the guy about the 60 bitcoins. I knew it was the same scammer. I could tell because they all had the same bad grammar in all the emails. I didn't respond to him. He threatened to tell everyone I was scamming people if I didn't respond. I still didn't respond. He made that post along with other in /r/grams. He later told me he would take them down if I payed him the 60 bitcoins. I never responded to any of it. So that is the story behind that.

DNMavengers

I thought it was great idea when it came out. I love trying to help the community so I donated to them. I have never been on the site. I don't have an account. I have no idea what is going on there. This is the truth , believe it or not. When ever Vendor_bbmc brings it up , I seriously have no idea what he is talking about. I talk to the owner once a month to pay him for advertising.

Conclusion

I have never shilled or tried to harm any person or service in this community. I provided a service which I thought would help the community. I try to make it the best by providing good customer service and making sure no one ever loses any bitcoins using it. I have nothing against other tumblers or services. The more competition the better. The more it will push us to the best and give the users better quality products and services. Grams has been around for over 2 years and has had probably the best feedback of all the services. With that is going to come people who don't like you and are going to find anything wrong they can. As they say "haters gone hate". There is nothing I can do about this. Everyone is welcome to use my services if they want, or not. I encourage every user to do their own research and use the service they trust most and best suits them.

Stay Safe,
-GramsAdmin

p.s. This is all I have to say on these subjects for now. I will not be responding to comments in this thread. I learned a long time ago getting in to reddit comment wars is a waste of time that could better be used for other things.


[2 Points] theevoinsider:

u/gramsadmin


[1 Points] sapiophile:

The only thing I want to add to this conversation is that GPG key used by grams with the following fingerprint:

86FD B072 6013 C882 15DC  5F46 CBE6 544F 0662 4572

Is incredibly insecure. The primary key is a 1024-bit DSA key, which is a format that has been entirely deprecated for a couple of years, now, dude to specific and actual successful attacks, and the encryption subkey is a fucking 512-bit ElGamal key. It's almost a joke, and these values are in fact below the defaults used by any sane piece of OpenPGP software, meaning that either terrible software was used, or the key's creator went out of their way to use weak keys. I don't really understand it.

In any case, it suggests poor security practices or knowledge from /u/gramsteam or /u/gramsadmin , and so I wouldn't be surprised if the problem was with their endpoint security, such as a keylogger on their computer that captured their sigaint password.

I will also say, though, that I think it's much more likely that the headers of the phishing email in question were forged, and that it did not in fact come from the grams email account at all. I could send anyone an email with "gramsteam@sigaint.org" in the From: field, right now, as can anyone else. I'm not sure if SIGAINT implements DKIM or other security features to authenticate emails sent over their platform, but I would strongly advise them (/u/sigaint) to do so.


[1 Points] lordredvampire:

Sigaint doesn't own grams.

NEVERMIND: read the forum.


[1 Points] aboutthednm:

I get messages non-stop from random accounts asking me to give bitblender a try. 2 or 3 messages every day. This has done nothing but further strengthened my resolve to not use their services.


[1 Points] None:

dude..... give up..


[0 Points] Vendor_BBMC:

I didn't hear about this. But anybody who would go to the lengths of corrupting the DNMavengers, then running a year-long campaign against bitcoinfog (even involving the mod team until lobeli stepped down) had to be bad news.

Thank you. I feel vindicated finally hearing somebody who doesn't have their tongue rammed right up grams arse. You still get people here saying "everybody knows bitcoinfog are selective scammers", even after everything that's happened since.