26/06/08. Blackmail, Extortion and Secrets behind BLCC Gold

This disgusting story I’m going to tell you today really reveals all the darkest secrets we can see in this industry. I decided to dedicate the whole article to this matter today as I was amazed and unpleasantly surprised by how things get done in this industry. I spent some time thinking it over and I would like to share my thoughts on the matter. I’d also like to say from the start that I’m not a judge here and both sides of the story seem totally ugly to me. I would call it a story of blackmail, extortion and secrets behind BLCC.

As you know many sites are now hosted by BLCC (BlackLotus) hosting provider and it looks like their ads are all over the Internet now. Among the sites I monitor they are on AcmosTrade, 8DailyForever, EliteMoney, AgriFund and ProfitsAddict. As a rule these sites had some difficulties with DDoS-attacks which made them upgrade their level of protection to a more powerful one. Surely they had to pay some money for it. And since most of them don’t have any source of income accept the members’ deposits it means that actually the investors paid to BLCC from their own pocket. And then after upgrading to the higher level of security these attacks miraculously ended. Well, not all the attacks. I guess when it comes to real attacks BlackLotus can’t do anything to prevent them from happening. Just remember AcmosTrade with their one week long downtime though I’m sure this program pays thousands of dollars for the protection and even has two mirror domains. But it seems BLCC was helpless to prevent these real attacks.

Why am I telling you all this stuff? Well, in my opinion everybody should be aware of the quality of hosting they are about to buy. And also it’s connected with the story of a blackmail letter that was received by the admin of BLCC from (guess who?) the admin of 12Daily.Pro Bryan. Well, I guess I should really let you read this letter for yourself. So here it is:

“I have an offer you can’t refuse. You transfer $500 to our LR account U7956114 and we post that all of our issues with blccgold have been solved professionally and in a timely manner and apologize for talking bad about you.
If you don’t we will post some interesting private and publicly available information about your business practices and our 1300+ members will have a nice read of this topic of course. Here’s a small overview:
– DDoS attack on our site when we were on level 1 which suddenly stops after moving to level2
– some “hackers” manipulating our sites’ payment processor accounts for upgrades who never returned after we switched hosting
– publicly available updates by Surf-Redefined admin talking about a similar issue
– publicly available V-Project‘s extortion story
– some interesting info of Dave aka Exist1
– the fact that Tradelite used BlockDos protection, switched to BlackLotus and switched back to BlockDos
I doubt that this will destroy your business, but at least investors will start questioning your reliability and will avoid programs hosted by blcc.”

Sounds interesting? Well, of course I can’t approve of such extortionate behaviour from the admin of 12Daily.Pro and in my opinion he should have told us about these scamming practices by BLCC anyway and not try to cash in on the situation for himself. And of course I can’t believe Brian when he claims that it was done for the sake of the members: “We expected this reaction. Looks like we will have $500 less for refunds and our members will find out some interesting facts about BLCC Gold. Extortion? No extortion at all. We just tried to get our members’ upgrades back as the “hacker” was able to steal over $400.”

So what is really behind the “hacking” story of 12Daily.Pro? Was it really possible that BLCC could damage 12Daily.Pro in some way and therefore bring the end of the Round one closer? I was curious to know more and here’s what Brian told on the forum regarding this:
“If you are eager to know more of what was happening behind the scenes in Round 1, read on:
As some of our members might remember we have had to switch our hosting twice. And both times BlackLotus was the reason. The first time our site seemingly fell victim to a DDoS attack and after contacting BLCC it was moved to the next higher protection plan and members had to wait for DNS propagation. Nothing special you might think, but the “attack” suddenly stopped just after we transferred money for the next higher protection level. So later we actually had two copies of our site running simultaneously and there was much confusion until we deleted the index.php file on the old host. Some members probably noticed that their recent upgrades “disappeared” overnight back then. This was due to the fact that they upgraded via the old site in the evening and accessed the new one in the morning.
The second time was when the actual problems began. We received some complaints from our members about their upgrades not being credited instantly. After checking their transaction details we discovered that the funds were transferred to a totally unknown account. We checked the files containing our program’s e-currency details and saw that they were manipulated. We have tried to change the FTP/Admin panel passwords, but after 20 minutes they were changed back to the old ones! So changing the files via FTP wouldn’t help us as the supposed “hacker” had full control over the server. That is why we put the maintenance notice on our main page and moved to another host that was actually waiting for us anyway as BlackLotus would not be able to handle the attack levels we expected. After moving to another hosting provider we have never had any hacking attempts so either BlackLotus are the “hackers” themselves or their servers aren’t well enough protected against hackers.”

Sounds strange, eh? It might sound even stranger if you consider some other stories that happened to other sites. The most recent case is the collapse of V-Project which I’m now sure happened because of BLCC extortion attempts. As you may remember Amanda was told to pay $8750 to stop DDoS-attacks on the V-Project site which ended with the site going offline and many members losing money there. You also should remember that Amanda, the admin of V-Project wasn’t allowed to have access to back-up files through the cPanel which was not normal even if the DDoS-attack actually existed. I would not be surprised if BLCC creates DDoS-attacks themselves to extort more money for the higher protection levels.

But that’s not all. A similar hacking attempt happened to 12Daily.Pro site that also happened to Surf-Redefined site. If you remember the admin John Keller left this indication about BLCC Gold’s wrong doings: “Hey guys, sorry for the website being on maintenance mode right now, it has been some days now since some hackers have tried to get into our system and changed our payment data, but there is very minimal damage like only $25 directed to his account. It has come to a point where the hacker has been trying to extort money from me in order to stop his attack. Also at this point the hacker has injected something in the server that modifies and alters the files and database into his payment data so upgrades would go to his accounts, that is the main reason why I put the website on hold right now, until I am able to remedy this or move servers, everything is safe and no money has been hacked, only the site files are being manipulated by this hacker.” So what was it? Again some BLCC hackers wanted to steal our money? It’s very good in my opinion that Surf-Redefined changed their hosting provider after that incident and now fortunately the site is running well and stable without any issues (you can read my interview with John here).

And sorry, but that is not the end of the allegations against BLCC Gold or BlackLotus. In my opinion, even those facts would be enough regard BLCC as simply a bunch of criminals and hackers. But let’s go to the not so distant past and let Dave aka Exist1 speak about the BLCC hosting provider. Thanks to Brian who questioned him about his past experience with BlackLotus back when Dave ran their famous ProfitPro sites. Especially these strange hacking attempts were the reasons why Dave abandoned BLCC Gold:

“That is one of the reasons although we didn’t use E-Gold but LibertyReserve. I suggest if you are going to use them, make sure that you do not have the passwords included on any of your scripts,… even if it is encrypted, they can find a way. I truly believe they are a bunch of hackers also but you can’t do anything because you cannot prove it. The other thing is they think they know what they are doing during DDOS attacks but they don’t have a clue how to stop one. They will try different approaches but will just produce more problems in your end.

Here’s what happened during the first days of my program with them… remember that I had a massive pre-launch campaign, many set aside a significant amount to join my program and be one of the early members. With that, when we officially launched, we had a significant amount on both our payment processors (LR and STP). During the first week, me and my programmer Gotenks noticed that everytime we log-in to the FTP to make revisions, there’s always one extra person logged-in too. We’d contact BLCC to ask why and their reply has always been “They will check.” and follow it up with “It was just us there and nobody else.”, then we’ll check it again and truly, the “other” person’s gone. It happened many times during that week. Finally they said, we were on a shared server so maybe, the “other” person is accessing their own program’s FTP at the same time. They said “maybe” (meaning they have no idea what they were talking about and just guessing) and that other person will not show up on our list unless he used the same address, username and password to access the FTP (another incompetence on their part). It was a good thing that I had a backup LR account where I transfer the money from the main account at least twice a day, because we finally got hacked by whoever that “other” person is and managed to clean the main LR account. Good thing the amount wasn’t significant as I already did my transfer to backup account. We contacted BLCC and they told us they don’t know anything about that. Me and Gotenks decided to remove auto payment and do manual payment from then on. This was when we were starting to get DDOS attacked (maybe they were the ones doing it in the first place) just to get our attention off the hacker. Now, everytime they say they are going to fix something, they also needed something (money!)… they always say that our current level can’t handle the attacks and that we should go for the higher levels. So we did. Then they say they are managing to control the attacks, but new problems kept popping out (members can’t access the website, very slow, site freezes, referral link not working, etc.). Oh and everytime we email them with the problem, they either say they are doing something about it or we have to modify our script because it’s our fault. And some of their answers sounds like they are pissed off. What can we do? Our site is not running smoothly and problems keeps popping out left and right and we got hacked! Finally we gave up on them and looked for another service. We didn’t even tell them until the move was already done. And that’s when they started whining in the forums about how unprofessional we were. And how they did their best to control the problems. So bottomline, they were the good guys in the end and we were the bad guys, just so to protect their current customers and future ones.”

As you can see from the above-mentioned facts these BLCC guys are truly the crooks here and I would advise any online programs looking for a reliable hosting provider forget about BlackLotus criminals and seek out someone else to host on. By the way, it was the main purpose of this article. Of course, I can’t approve of Brian blackmailing BlackLotus admin but in my honest opinion the crimes committed by BLCC Gold are the more serious and important to discuss. They are truly the ones who made the members suffer when even honest admins fall victim to their hacking or extortion attempts to upgrade to a higher level of protection (if they actually have one at all). In my opinion, such crooks cannot be tolerated in this industry and it proves again that not all the DDoS-protection providers are good just because they are advertised heavily.

So what can be done against those BLCC crooks? In my opinion, such programs with direct payouts like AgriFund and EliteMoney have nothing to worry about as they can’t be hacked and even if they are sometimes offline it will not make them weaker. But I think that such programs as 8DailyForever and AcmosTrade that are heavily dependant on the amount of daily traffic to their sites should really think twice and maybe even drop BLCC services and change their hosting provider so as not to be sorry in the future.

Just look at an example of a very stable and one of the hottest programs now like Tradelite. There was a time when they tested the hosting providers before staying with BlockDos on a constant basis. So after trying out BlackLotus Tradelite switched back to BlockDos as soon as possible. Was it a coincidence? I don’t think so. Possibly Tradelite specialists just saw what an awful scamming company BLCC was. So in my opinion, you’d better heed this example if you’re hosted on BlackLotus – “the world’s largest DDoS protected hosting provider specializing in digital currency and investment clients” as they call themselves. You will be much safer then. And don’t tell me after that you haven’t been warned. Because you were!

Sorry for my long article but I cant just sit and watch while these BLCC scammers are destroying the industry and hurting good programs and their clients. I doubt I can hurt their business much but I hope my article can change their scammers’ approach and make them run their business more honestly if it’s possible of course.

By the way, I almost forgot to mention that I joined an autosurf program today that is destined to become great – it’s called SourceLinkAds and offers two plans: 13% for 9 days (117% with the payouts that you can request on business days) and 144% after 18 days (payouts on expiry). SourceLinkAds is a very new program and is only 2 days online. They accept LibertyReserve, SolidTrustPay, e-gold and AlterGold. The admin Robert seems to be a very professional person and I hope to conduct an interview with him soon. A review of SourceLinkAds will be published very soon on my blog. Stay tuned for that and I’ll see you tomorrow on my blog!