Did one of TheShadowBroker's "Monthly Dump Service" customers leave them a bad review? Maybe. (update: YES)

in #shadowbrokers4 years ago (edited)

Update: 7/14 11:40 AM EST:
@fsyourmoms posted and tweeted the secret tx key. It provides cryptographic proof that they did in fact pay 500 XMR to TheShadowBrokers.

I wrote an update with instructions on how to verify the proof yourself.

My original post is below:

On July 11th, @fsyourmoms wrote a Steemit post titled, TheShadowBrokers are NOT Making America Great again!!!.

The poster claims to be one of TheShadowBroker's "Monthly Dump Service" customers. The post begins:

TheShadowBrokers ripped me off. I paid 500 XMR for their “Wine of the Month Club” and only they sent me a single tool that already requires me to have a box exploited. A tool, not even an exploit! The tool also looks to be old, and not close to what theShadowBrokers said could be in their subscription service.

The rest of the post is an interesting tirade against TheShadowBrokers.

I will provide one piece of evidence that everyone else appears to have missed.

Is @fsyourmoms really one of TheShadowBrokers' customers?

About a week ago, I made a post describing how I was able to scrape all e-mail addresses from the Monero blockchain. By doing this, I was able to come up with a list of e-mail addresses belonging to @TheShadowBrokers' possible Monero customers.

One of the e-mail addresses I found was [email protected]**********.com. This is very similar to @fsyourmoms username.
Here's the Monero transaction. You can convert the payment ID from hex to ASCII here.

This lends some credence to the post, but doesn't definitively prove its legitimacy.

If it is a hoax, it's likely someone who read my previous post (or did the analysis themselves), took the time to look at the raw data included in that post and saw the fucksyourmoms e-mail address and decided to use the alias.

If it's not a hoax and @fsyourmoms wants to improve their credibility, they could prove they're legit in the following ways:

1.) Using the e-mail address from the tx linked above. (Proves identity but doesn't actually prove payment was sent.)
2.) Post the secret tx key from their Monero payment to TSB. (Proves identity AND that payment was sent.)

Assuming they didn't use a web wallet, I think it should be possible for @fsyourmoms to prove that the payment was sent to TSB using the tx private key. Here's an example of what it looks like in the Monero GUI wallet:

Screenshot 2017-07-12 17.20.45.png

(Personally, I think they should just be glad they didn't get sent something boring like "compromised network data from more SWIFT providers and Central banks" or "compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs".)


  • a few minor typos and clarified some stuff.
  • someone on twitter pointed out that I mistakenly linked to a TSB post instead of fsyourmoms' post. I fixed it. Sorry if this confused anyone.

contact: [email protected] PGP key
Fingerprint: A23F ADBB B60C D762 0F29 68AE 9454 08E6 671A 94DD

Follow me on twitter. Not very active there but will tweet any new posts.


Hey! VICE Motherboard reporter here. Can we chat about this? My email: [email protected], and Jabber: [email protected]

Fsyourmoms Fsyourmoms tweeted @ 14 Jul 2017 - 12:53 UTC


steemit.com/shadowbrokers/… / https://t.co/vVeL3fXRRL

TX KEY: a944723f77415dd06c5d34260363935e24ac6d5ac7fe711366f64768fa055803… twitter.com/i/web/status/8…

steemwh1sks wh1sks tweeted @ 14 Jul 2017 - 14:52 UTC

OP delivered. Cryptographic proof that @fsyourmoms paid 500 XMR to TSB. Posting instructions on how you can verify… twitter.com/i/web/status/8…

Disclaimer: I am just a bot trying to be helpful.

Coin Marketplace

STEEM 0.41
TRX 0.06
JST 0.043
BTC 37372.91
ETH 2235.02
USDT 1.00
SBD 6.66