Audit log

Every state-changing event for HashOcean: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-31 19:42:49Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 423,439,998

   sig

   5X76JMAB7EDu…cjPkvXA8copyexplorer ↗

   hash

   DDMUSHwcR1MM…ifawCAj5copysha256 → base58

   verifying row…full verify ↗

   canonical bytes (21565 B) ▸

   {"actor":"system:backfill","investigation_id":"34a8414f-8594-423f-b23c-92dc51cf5c40","kind":"publish","page_slug":"hashocean","published_at":"2026-05-31T19:42:49.501Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"HashOcean","sections":[{"content":"HashOcean presented itself as a Bitcoin cloud-mining cooperative with a claimed registered address at 199 Leidesdorff St, San Francisco, California. The platform advertised seven data centers located in cities including San Francisco, New York, Nuremberg, and Singapore, and offered users free hashrate — approximately 15 KH/s — upon account creation, a mechanism that served as a key user-acquisition tool. Customers could purchase cloud-mining contracts denominated in Bitcoin in exchange for a promised share of daily mining rewards. The platform accepted deposits and paid out small daily returns to users over an extended operating period. No evidence of actual mining hardware or infrastructure was ever independently verified; analysts later concluded the claimed facilities were fabricated. According to reporting by bitcoinmining.com (May 2017), HashOcean had an 'awful reputation for not paying their customers and clients on time.' A separate community report and analysis by digiconomist.net identified the operation's structure as consistent with a Ponzi scheme, in which returns to existing investors are funded by capital from new participants rather than genuine mining revenue.","heading":"Background and Business Model","severity":"critical","sources":[{"credibility":2,"name":"HashOcean Cloud Mining Scam or Not? — BitcoinMining.com","type":"news_article","url":"https://www.bitcoinmining.com/hashocean-cloud-mining-scam-or-not/"},{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"},{"credibility":3,"name":"HashOcean — Company Profile, Tracxn","type":"other","url":"https://tracxn.com/d/companies/hashocean/__ypei1zlrG9GkXr_f90H6tt5OQQryKVRobLTOcgrYmH0"}]},{"content":"The HashOcean website became inaccessible on or after 6:00 PM on June 25, 2016. Users reported that the last automated daily profit calculation email they received was dated June 25, 2016. The platform's YouTube channel and Facebook page were also deleted or became unreachable around the same time. Within days, HashOcean's associated social media accounts and customer support went offline entirely. Withdrawal requests entered a perpetual pending state. A Bitcoin Forum thread opened June 26, 2016, documented user reports of inaccessibility and noted the domain was allegedly listed for sale on a domain marketplace. The platform's operators subsequently issued a statement, via a new Facebook page, claiming: 'Last night we got attacked by hacker which somehow can access our domain and posted our domain for sale.' The operators further claimed they retained a database backup dated June 25, 2016, and that mining operations remained unaffected. They cited a hacker group called 'Prabl0Dynamic HK' as responsible. These claims were widely dismissed by the user community and independent analysts as consistent with a standard exit-scam narrative. The domain never resumed normal service. According to an estimate cited by multiple community sources, HashOcean had generated on average approximately 140 BTC per day over roughly 20 months of operation, suggesting total gross intake in the range of approximately $50 million USD at mid-2016 valuations, though this figure is derived from community estimates and has not been confirmed by auditors or law enforcement.","heading":"Disappearance and Alleged Exit Scam","severity":"critical","sources":[{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"},{"credibility":3,"name":"HashOcean disapeared and scammed 700,000 users? — BitcoinTalk Forum","type":"community_report","url":"https://bitcointalk.org/index.php?topic=1527550.0"},{"credibility":2,"name":"HashOcean Is Not Dead Yet By The Look of Things — The Merkle","type":"news_article","url":"https://themerkle.com/hashocean-is-not-dead-yet-by-the-look-of-things/"},{"credibility":3,"name":"Bitcoin Alert – HashOcean: Diary of a Scam — Sup-a-Dillie-O Blog","type":"community_report","url":"https://dillieodigital.wordpress.com/2016/07/05/bitcoin-alert-hashocean-diary-of-a-scam/"}]},{"content":"Independent analysis by digiconomist.net, cited in Crypto.news reporting, formally characterized HashOcean as a Ponzi scheme — a structure in which investor returns are funded by capital injections from newer participants rather than underlying economic activity. The platform offered a 'free' hashrate bonus on signup that had no cost to the operator since no real mining was occurring, functioning instead as a viral recruitment mechanism. Researchers also noted that HashOcean's website was built on a commercially available HYIP (High-Yield Investment Program) script, the same script that powered multiple other fraudulent cloud-mining operations including BitsRapid, GainBitcoin, and TopMine. A BitcoinTalk thread from July 2016 identified a '1:1 HashOcean script' being sold by a vendor called HYIPSHOP.com, suggesting the platform's technology was a turnkey fraud toolkit rather than purpose-built mining infrastructure. The operation reportedly ran for approximately 20 months before collapsing, a duration consistent with Ponzi structures that sustain payouts until the inflow of new capital can no longer cover redemption obligations.","heading":"Ponzi Scheme Structure","severity":"critical","sources":[{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"},{"credibility":3,"name":"HYIP Scripts & HashOcean — BitcoinTalk Forum","type":"community_report","url":"https://bitcointalk.org/index.php?topic=1529196.0"},{"credibility":2,"name":"HashOcean: Another Cloud Mining Scam? — Bitcoin.com News","type":"news_article","url":"https://news.bitcoin.com/hashocean-cloud-mining-scam/"},{"credibility":2,"name":"Crypto Mining Scams: A Multi-Billion Industry — Coinmonks / Medium","type":"research","url":"https://medium.com/coinmonks/crypto-mining-scams-a-multi-billion-industry-94af54a52990"}]},{"content":"Following the disappearance, three separate online petitions were organized on Avaaz and Change.org by affected users in Brazil, the United Kingdom, and Argentina. By July 6, 2016, the petitions had gathered over 5,000 combined signatures, calling on the FBI, CIA, Interpol, and MI6 to investigate and identify the operators of hashocean.com. A petition submitted to Change.org explicitly named an approximate count of '700,000 people swindled.' A Facebook group called 'Find Hashocean,' created by a user identified as Hugo Trombini, aggregated shared information including alleged IP addresses and contact details intended for law enforcement. A separate group with approximately 900 members called 'FINDHASHOCEAN' also formed. At the time of available reporting (July 2016), no formal law enforcement response, arrest, or prosecution had been announced. No subsequent Tier 1 sources confirm any criminal or civil action against identified HashOcean operators.","heading":"Victim Response and Petitions","severity":"high","sources":[{"credibility":2,"name":"HashOcean Scam Victims Sign Petitions to FBI, Hackers to Reveal More Scams — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/hashocean-scam-victims-sign-petitions-to-fbi-hackers-to-reveal-more-scams"},{"credibility":3,"name":"Petition: FBI And Interpol — HashOcean 700,000 people swindled — Change.org","type":"community_report","url":"https://www.change.org/p/fbi-fbi-and-interpol-hashocean-700-000-people-swindled"},{"credibility":3,"name":"Petition: BTC-E.COM must answer to the Authorities about HASHOCEAN.COM — Change.org","type":"community_report","url":"https://www.change.org/p/btc-e-com-btc-e-com-must-answer-to-the-authorities-about-hashocean-com"},{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"}]},{"content":"In the immediate aftermath of the HashOcean shutdown, several fraudulent copycat domains emerged. A site operating as 'HashOceans' (hashoceans.com) targeted former HashOcean users, falsely claiming to facilitate fund recovery while harvesting login credentials including email addresses, passwords, and Bitcoin wallet addresses. A separate site at hashocean.co.uk also appeared. A white-hat group called Kypertech reportedly tracked these copycat operations and issued public warnings to prevent secondary victimization. The Bitcoin Alert blog documented that profile photos used on the original HashOcean website appeared to be stock images or photos stolen from unrelated individuals, suggesting the founders' representations were fabricated. Reports also identified a new service called Bitsrapid, allegedly connected to the same operators, that launched in June 2016.","heading":"Copycat and Phishing Sites","severity":"high","sources":[{"credibility":3,"name":"Bitcoin Alert – HashOcean: Diary of a Scam — Sup-a-Dillie-O Blog","type":"community_report","url":"https://dillieodigital.wordpress.com/2016/07/05/bitcoin-alert-hashocean-diary-of-a-scam/"},{"credibility":2,"name":"HashOcean Cloud Mining Scam or Not? — BitcoinMining.com","type":"news_article","url":"https://www.bitcoinmining.com/hashocean-cloud-mining-scam-or-not/"},{"credibility":3,"name":"HASHOCEAN Scam is Back as Bitsrapid (June 2016) — Steemit","type":"community_report","url":"https://steemit.com/hashocean/@rowbvp/hashocean-scam-is-back-as-bitsrapid-june-2016"},{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"}]},{"content":"No verified founder or operator identity for HashOcean has been publicly established. The platform's website listed team member profiles, but at least some of these were alleged to use photographs stolen from unrelated third parties, rendering any names listed on the site unverifiable. WHOIS registration data for hashocean.com employed a privacy protection service, obscuring registrant details. Community investigators shared alleged IP addresses and contact information with law enforcement groups, but no public identification of individuals has followed. The San Francisco address (199 Leidesdorff St) cited in the platform's self-description has not been independently verified as a legitimate place of business. As of available reporting, the operators remain unidentified and no regulatory body has published enforcement action. This anonymity constitutes a significant compounding risk factor for the scheme's classification.","heading":"Operator Anonymity and Unresolved Identity","severity":"high","sources":[{"credibility":3,"name":"Bitcoin Alert – HashOcean: Diary of a Scam — Sup-a-Dillie-O Blog","type":"community_report","url":"https://dillieodigital.wordpress.com/2016/07/05/bitcoin-alert-hashocean-diary-of-a-scam/"},{"credibility":2,"name":"HashOcean Scam Victims Sign Petitions to FBI, Hackers to Reveal More Scams — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/hashocean-scam-victims-sign-petitions-to-fbi-hackers-to-reveal-more-scams"},{"credibility":2,"name":"Whois hashocean.com — Whois.com","type":"other","url":"https://www.whois.com/whois/hashocean.com"}]},{"content":"No Tier 1 source — including the SEC, CFTC, DOJ, FBI, Interpol, or any national regulatory body — has published a formal enforcement action, indictment, or press release specifically naming HashOcean or its operators. The petitions submitted to the FBI and Interpol by victims in 2016 did not result in any publicly documented law enforcement response as of available reporting. The absence of confirmed regulatory action may reflect jurisdictional complexity given the platform's global user base and anonymous operator structure, the relatively modest per-victim loss amounts, or the operational difficulties of prosecuting anonymous offshore actors. Confidence in this section is low due to the sole reliance on Tier 2–3 sources and the possibility that non-public investigations may have occurred or may be ongoing.","heading":"Regulatory and Law Enforcement Status","severity":"medium","sources":[{"credibility":2,"name":"HashOcean Scam Victims Sign Petitions to FBI, Hackers to Reveal More Scams — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/hashocean-scam-victims-sign-petitions-to-fbi-hackers-to-reveal-more-scams"},{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"}]},{"content":"This investigation relies primarily on Tier 2 crypto-news outlets (Crypto.news, Bitcoin.com News, The Merkle, CoinTelegraph) and Tier 3 community sources (BitcoinTalk, personal blogs, Change.org petitions). No Tier 1 sources — court filings, SEC/DOJ/CFTC actions, or major general-news outlets such as Reuters, Bloomberg, or the WSJ — were found that specifically cover HashOcean. Several CoinTelegraph article URLs returned 404 errors and could not be directly fetched to confirm their content; claims attributed to those articles are based on search-result snippets and secondary citations. The $50 million loss estimate is a community-derived calculation, not an audited figure. Confidence is set at 0.62, reflecting consistent cross-source agreement on the core facts (disappearance date, user count, Ponzi characterization) against a backdrop of low-tier primary sourcing and unverified operator identity.","heading":"Source Quality and Confidence Note","severity":"low","sources":[{"credibility":2,"name":"HashOcean Cloud Mining Scam or Not? — BitcoinMining.com","type":"news_article","url":"https://www.bitcoinmining.com/hashocean-cloud-mining-scam-or-not/"}]}],"sources_used":[{"credibility":2,"name":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","type":"news_article","url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"},{"credibility":2,"name":"HashOcean Scam Victims Sign Petitions to FBI, Hackers to Reveal More Scams — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/hashocean-scam-victims-sign-petitions-to-fbi-hackers-to-reveal-more-scams"},{"credibility":2,"name":"HashOcean: Another Cloud Mining Scam? — Bitcoin.com News","type":"news_article","url":"https://news.bitcoin.com/hashocean-cloud-mining-scam/"},{"credibility":2,"name":"HashOcean Cloud Mining Scam or Not? — BitcoinMining.com","type":"news_article","url":"https://www.bitcoinmining.com/hashocean-cloud-mining-scam-or-not/"},{"credibility":2,"name":"HashOcean Is Not Dead Yet By The Look of Things — The Merkle","type":"news_article","url":"https://themerkle.com/hashocean-is-not-dead-yet-by-the-look-of-things/"},{"credibility":3,"name":"Bitcoin Alert – HashOcean: Diary of a Scam — Sup-a-Dillie-O Blog","type":"community_report","url":"https://dillieodigital.wordpress.com/2016/07/05/bitcoin-alert-hashocean-diary-of-a-scam/"},{"credibility":3,"name":"HashOcean disapeared and scammed 700,000 users? — BitcoinTalk Forum","type":"community_report","url":"https://bitcointalk.org/index.php?topic=1527550.0"},{"credibility":3,"name":"HYIP Scripts & HashOcean — BitcoinTalk Forum","type":"community_report","url":"https://bitcointalk.org/index.php?topic=1529196.0"},{"credibility":3,"name":"Petition: FBI And Interpol — HashOcean 700,000 people swindled — Change.org","type":"community_report","url":"https://www.change.org/p/fbi-fbi-and-interpol-hashocean-700-000-people-swindled"},{"credibility":3,"name":"Petition: BTC-E.COM must answer to the Authorities about HASHOCEAN.COM — Change.org","type":"community_report","url":"https://www.change.org/p/btc-e-com-btc-e-com-must-answer-to-the-authorities-about-hashocean-com"},{"credibility":2,"name":"Cloud Mining Scams: Why You Should Own Your Hashrate Instead — D-Central","type":"research","url":"https://d-central.tech/avoid-cloud-mining-scams/"},{"credibility":2,"name":"Crypto Mining Scams: A Multi-Billion Industry — Coinmonks / Medium","type":"research","url":"https://medium.com/coinmonks/crypto-mining-scams-a-multi-billion-industry-94af54a52990"},{"credibility":3,"name":"HASHOCEAN Scam is Back as Bitsrapid (June 2016) — Steemit","type":"community_report","url":"https://steemit.com/hashocean/@rowbvp/hashocean-scam-is-back-as-bitsrapid-june-2016"},{"credibility":2,"name":"MineGate — another cloud mining service (HYIP) on the HashOcean engine — CryptoAge","type":"news_article","url":"https://cryptoage.com/en/670-minegate-another-cloud-mining-service-hyip-on-the-hashocean-engine.html"},{"credibility":2,"name":"Whois hashocean.com — Whois.com","type":"other","url":"https://www.whois.com/whois/hashocean.com"}],"summary":"HashOcean (hashocean.com) was a cloud-mining platform that operated from approximately 2014 to 2016, claiming to run data centers in San Francisco, New York, Nuremberg, and Singapore and offering free hashrate to new signups. The site disappeared on or after June 25, 2016, affecting an alleged 700,000 users worldwide. Independent analysis and community assessments characterized it as a Ponzi scheme; no verified law enforcement action or identified operators have been publicly confirmed.","timeline":[{"date":"2014-01-01","event":"HashOcean reportedly begins operating as a Bitcoin cloud-mining platform, claiming data centers in San Francisco, New York, Nuremberg, and Singapore. Exact launch date unconfirmed; multiple sources cite a 2014 or earlier founding.","source":"Tracxn company profile; BitcoinMining.com","source_url":"https://tracxn.com/d/companies/hashocean/__ypei1zlrG9GkXr_f90H6tt5OQQryKVRobLTOcgrYmH0"},{"date":"2015-01-01","event":"HashOcean operates at scale, offering 15 KH/s free hashrate on signup and daily BTC payouts. Community HYIP monitors list the site as active.","source":"D-Central cloud mining scam overview; various HYIP monitor listings","source_url":"https://d-central.tech/avoid-cloud-mining-scams/"},{"date":"2016-06-25","event":"HashOcean website goes offline after approximately 6:00 PM. The last automated daily profit calculation email is sent to users. YouTube channel and Facebook page are simultaneously deleted or made inaccessible.","source":"Defrauded HashOcean Investors Seek Reparation — Crypto.news","source_url":"https://crypto.news/defrauded-hashocean-cloud-mining-investors-seek-reparation/"},{"date":"2016-06-26","event":"HashOcean operators post on a new Facebook page claiming the domain was hacked by a group called 'Prabl0Dynamic HK' and placed for sale without authorization. They claim mining operations are unaffected and promise normal payouts will resume within 48 hours. A BitcoinTalk forum thread documents the disappearance.","source":"HashOcean Is Not Dead Yet By The Look of Things — The Merkle; BitcoinTalk forum thread","source_url":"https://themerkle.com/hashocean-is-not-dead-yet-by-the-look-of-things/"},{"date":"2016-06-29","event":"The Merkle reports that the domain remains down, fake copycat sites have appeared, and the HashOcean 'hack' narrative is met with widespread skepticism from community analysts.","source":"HashOcean Is Not Dead Yet By The Look of Things — The Merkle","source_url":"https://themerkle.com/hashocean-is-not-dead-yet-by-the-look-of-things/"},{"date":"2016-06-30","event":"A Change.org petition addressed to the FBI and Interpol, signed by over 1,200 supporters at the time of opening, is launched citing 700,000 swindled users.","source":"Petition: FBI And Interpol — HashOcean 700,000 people swindled — Change.org","source_url":"https://www.change.org/p/fbi-fbi-and-interpol-hashocean-700-000-people-swindled"},{"date":"2016-07-05","event":"A Bitcoin Alert blog post documents evidence that founder profile photos on HashOcean's website were stolen from unrelated individuals. Copycat domains hashoceans.com and hashocean.co.uk are identified as active phishing operations harvesting user credentials.","source":"Bitcoin Alert – HashOcean: Diary of a Scam — Sup-a-Dillie-O Blog","source_url":"https://dillieodigital.wordpress.com/2016/07/05/bitcoin-alert-hashocean-diary-of-a-scam/"},{"date":"2016-07-06","event":"Three petitions across Avaaz and Change.org accumulate over 5,000 combined signatures. CoinTelegraph reports on victim efforts to engage law enforcement.","source":"HashOcean Scam Victims Sign Petitions to FBI, Hackers to Reveal More Scams — CoinTelegraph","source_url":"https://cointelegraph.com/news/hashocean-scam-victims-sign-petitions-to-fbi-hackers-to-reveal-more-scams"},{"date":"2017-05-07","event":"BitcoinMining.com publishes a retrospective noting that HashOcean's operators never provided proof of mining capacity and characterizing the event as a likely scam, though stating no official confirmation had been issued.","source":"HashOcean Cloud Mining Scam or Not? — BitcoinMining.com","source_url":"https://www.bitcoinmining.com/hashocean-cloud-mining-scam-or-not/"}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision fcc5c610-1b24-424d-b7a9-9c0e2431255dcopy