-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Abusive Stacks addresses - addresses used by hacks #3931
Comments
SP30F77CBR0DSZAET7A5WYMGDHRNDQYDHCPK5SWMC WonSTX scammer from SP30F77CBR0DSZAET7A5WYMGDHRNDQYDHCPK5SWMC off-ramped to this likely exchange address |
Very much in support of this, great initiative @314159265359879 |
This will be helpful for users. |
Date: june 15th 2023 A: SP20ATZMT9K27BE5VSSMHKAFZQGMV8AV8YFMY4DAD |
Date: July 13th 2023 A: SP2KW0M6MBSSAV1BFDKH56VFNZK73Z36C0N369K9M likely similar cases, other incoming transactions on the scammers' address: |
June 15th A: SP20ATZMT9K27BE5VSSMHKAFZQGMV8AV8YFMY4DAD |
June 17, 2023 A. Scammers addresses: SP6RBV6HPPVJQ319AGK5Z7YA23YSNNZGX5QDTESG SP1S7XGG3Z9K2163E6F63RYMQC5KXPKEGBFM9EHNY B. Fake iOS/Android app C. In this final transaction, 11,658 STX were sent to Kucoin Exchange: https://explorer.hiro.so/txid/0x26d027e73889a1efa1bd60233beb87a089a660861bdc5291de99869288a802df?chain=mainnet Sent to: Exchange Kucoin - SPX8T06E8FJQ33CX8YVR9CC6D9DSTF6JE0Y8R7DS |
October 6, 2023 A. SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT B. Unknown phishing scam Scammer sent funds to Simpleswap.io: SP22GF51PH2HRMWME1HJMDB54VFY5YMZXCMXKZ26V Additional related transactionsThe thiefs account has swapped or transferred funds to other accounts: 10,210.371718 STX from SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT to SP3ZDEKW41WWVS3MF50TN33PW99YN9XF6N63BRANK SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT swapped STX (10k) to xBTC 20,500 STX from SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT to SP3JED59RPM3QNRPC17KATCTNCC8PPHGG5C2RF22N 21000 STX from SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT to SP9HWJAZTKXWNPM39N7P1FXVPMMJMCPCW5KM25B7 21,500 STX from SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT to SP3Y8G53WQ7QHTAVY4809GKM8K5D5RQNZB258SJBW 21,200 STX from SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT to SP2VFNF4KWECVEVBD910S1DDVTXTTFK6Y4VBKQ2NY 26,511.639477 STX from SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT to SPV8W17TNHHQPY3BRAG79TSEWWECV1D949ADKEEN last checked 08.00h GMT / 10.00h CET / 04.00h EDT Accounts with stolen funds related to this theft (likely owned by the thief): Used Simpleswap.io bridge with these memo's: CWf47qnFVud48mL, sZSVJdpT5iFwXLT, BdsndVXdWV74sAd **** Update October 18th 2023 **** SP2T8R1SSNJ9YQNPG7T1HBB7VF5FXJJP0KVN3JNRT SP3ZDEKW41WWVS3MF50TN33PW99YN9XF6N63BRANK SP3Y8G53WQ7QHTAVY4809GKM8K5D5RQNZB258SJBW SP2VFNF4KWECVEVBD910S1DDVTXTTFK6Y4VBKQ2NY SPV8W17TNHHQPY3BRAG79TSEWWECV1D949ADKEEN Simpleswap.io memo's used: 57aZcFc1acTP27P, bu8wjpBCyx68WRu, HhUd5sLHoYBLQzU, CusRSXfTssVJCQu, ZTiQXpoRfbssKtC |
A: SP2KW0M6MBSSAV1BFDKH56VFNZK73Z36C0N369K9M --> SPNP4WKB4WHDSEM72CX9RT4ZAXRA9DY35XR93Z3Q --> SP1SFPCMWKJ3MBBEQ6JKF3FKA17W65AHRG2NJG2A1 --> (likely the offramp to Like similar cases reported here earlier: #3931 (comment) |
A. SP3CF28QZ3EQ9T8SD7MTBXAGK4MZXQB672NDRR0XB |
A. Stacks Address(es) (of hacker/scammer), B. Very short description of hack/scam (max three words), C. Involved transaction(s) id or explorer links. The scammer used this bridge transaction |
A. Stacks address of the scammer/hacker B. Short description |
A. SP229ZRR5W3FGCNBHCW71QA30XJ4K7D6J6MRXD6SC |
A. SP2MGA2YR7FHXR6YDXN1KJM74RYWNBFYZGQ8JV9WK and --> SP8EN907FP4WKMM27B5EPG2HFMHV3BT14FPD8HZA (and many others) |
April 16, 2024 A. Scammers Addresses: SP25MMGERHCRRBBQ0GHHFK1JVAHX7RSQMVJ9Q3BS6 and ---> bc1pzy5gz33a2cf8jmeaex829zuu3dx5xnhpupzm0wua7wzn6gtukhxs5crr5e B. Unauthorized transfer/Compromised Secret Key. C. Involved Transactions: Stacks tx: https://explorer.hiro.so/txid/0x4bce34568d6dd3fd40ba32666e22f790a98616c106d2b2a3cda0d8a5eb770955?chain=mainnet |
July 1st 2024 A. Scammer addresses SP2AKYDTTKYD3F3NH57ZHNTJD0Z1QSJMG6NYT5KJG ---> SP36WZV3YE1YHYSTBR8BJGMF8VTSN3J9F8XPS3E6N B. scam token lured user to scam dapp to use function call "claim" that is created with post-conditions in "allow mode". C. Related "claim" transaction that drained the wallet https://explorer.hiro.so/txid/0x3826c9ce79607ccf9a45d134bad31ec4fcc8119c7f3d3bda15e3d6ffa54869ec?utm_source=leather-wallet&chain=mainnet thief transferred funds subsequently https://explorer.hiro.so/txid/0x6538cf8db95de80131153ea17bc57caa818729b697e35e8f4f2805a1b56d4613?chain=mainnet |
This topic is to collect addresses from known hackers/phishers/abusers.
For users who have fallen victim to a hack, phishing scam or otherwise you can report here and additionally are advised to report to local Police.
If your issues are related specifically to bitcoin addresses report here (too):
Add the following details:
A. Stacks Address(es) (of hacker/scammer),
B. Very short description of hack/scam (max three words),
C. Involved transaction(s) id or explorer links.
The text was updated successfully, but these errors were encountered: