Pages:
Author

Topic: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented - page 31. (Read 92891 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
This is crazy, how do you decided to take my funds as a donation on your own?

It depends on how much money you wanted to mix. They describe how their mixing works in the first page of this thread;
Quote
There are chips with 0.001 BTC, 0.002 BTC, 0.004 BTC and so on till 4.096 BTC. When you deposit your Bitcoins, you receive same amount in chips.

Also, from their website:
Quote
I really, really want 1 BTC chip!

You are in luck! We have introduced commonize function which will swap your weird looking 1.024 BTC chip into 1 BTC chip and weird looking 0.512 BTC into 0.5 BTC.

Using this action will cost you the weird part of chip which is around 2% fee.

And:
Quote
Minimum deposit is 0.001 BTC - lowest chip size. If you deposit less then you have to deposit missing amount to receive a chip.
Second minimum deposit is 0.002 BTC. If you deposit between 0.001 and 0.002 BTC you will receive only 1 mBTC chip and rest will be autodonated.

If you deposit 0.1234 BTC (123.4 mBTC) you will receive 123 mBTC chips. 0.4 mBTC will be autodonated.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
0.00095897 btc
[...]
This is crazy, how do you decided to take my funds as a donation on your own?

It would be nice if when you use a service - any service - you would start with reading at least the rules / faq and such, to avoid surprises.
For example Chipmixer's FAQ starts with "How does deposit work?" where one can read

Minimum deposit is 0.001 BTC - lowest chip size. If you deposit less then you have to deposit missing amount to receive a chip.
Second minimum deposit is 0.002 BTC. If you deposit between 0.001 and 0.002 BTC you will receive only 1 mBTC chip and rest will be autodonated.

If you deposit 0.1234 BTC (123.4 mBTC) you will receive 123 mBTC chips. 0.4 mBTC will be autodonated.


Since you didn't transfer the minimum chip size, for now.. I guess that the software thought that you're just being nice.
However, I am sure that you will get an official answer if you have some patience.
newbie
Activity: 2
Merit: 0
@Chipmixer I sent you an email hours ago, and I have gotten no response.
Return my 0.00095897 btc value to my session token
I made a deposit some hours ago, left and came back and decided to restore my session, only to find this message:
You have donated 0.952 mBTC which is 100.0% of your deposit. Thank you!
As stated earlier, no one else uses my PC, I live a lone and the PC was on put on sleep mode, also I am certain I used the correct .TOR address, because I copied it from the first page. I did not donate a penny, PLEASE RESTORE MY coins!
This is crazy, how do you decided to take my funds as a donation on your own?
sr. member
Activity: 242
Merit: 250
So what's the status? is it safe to use again? should we avoid the clearnet version?
newbie
Activity: 29
Merit: 16
Attacker gained access to our .com server IP at 2021-09-23. They used it to create two SSL certificate - one with Cloudflare (https://crt.sh/?id=5270080144) - second with Lets Encrypt (https://crt.sh/?id=5281011754).

How is this even possible? Do you host this on VPS or in some sort of shared environment? Was server's content accessed?
Consider changing the host

Buy a dedicated server with access to KVM (dell idrac/HP ilo) then do system installation with full disk encryption. Change all default passwords/keys
There's literally 0 ways how you can get access to server contents this way, assuming all applications running on server and your own administrative credentials are secure.

Even if they somehow social engineer hosting company to get access to dedicated server, they won't be able to access the server's content

All they can do is just format the server and put phishing/proxy version via mounting some iso in rescue mode.

Finding a hosting company which deals with social engineering attempts in decent way is another story
legendary
Activity: 3472
Merit: 1724
Do not use .com version. Use .onion version.
I think it's time to totally switch to Chipmixer .onion version and use clearnet version only as an entry point that is redirecting to .onion version (I think someone suggested this few months ago).

Neither the FAQ, nor the articles make any mention of using the onion site and the advantages of doing so, maybe now would be a good time to update them.
legendary
Activity: 2296
Merit: 2892
#SWGT CERTIK Audited
-snip-
Just a bit surprised when importing a private key into Electrum, I got 0 balance. when rechecking again, I'm forgotten to add the bech32 colon on the front private key (p2wpkh:) ( I remembered using an old chipmixer with legacy address without colon on the front).

This is just for attention, don't be panic, maybe you didn't correct put the private key.
Now Chipmixer uses Segwit deposit addresses.
I also had a similar mistake when testing the onion v3 service in a closed beta while importing the private key into Electrum.
https://bitcointalksearch.org/topic/m.57505076

If you carefully read the instructions listed, this mistake does not need to occur.


legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I think it's time to totally switch to Chipmixer .onion version and use clearnet version only as an entry point that is redirecting to .onion version (I think someone suggested this few months ago).
That suggestion was to prevent DDOS, but still included a landing page on clearnet.
It's a serious worry on the internet if you can't trust clearnet domain names anymore.
legendary
Activity: 2212
Merit: 7064
Do not use .com version. Use .onion version.
I think it's time to totally switch to Chipmixer .onion version and use clearnet version only as an entry point that is redirecting to .onion version (I think someone suggested this few months ago).
sr. member
Activity: 456
Merit: 956
https://bitcointalk.org/index.php?topic=1935098
(removed)

Still think members should be on alert that the mixer may be currently broken.
This is correct.

@chipmixer, is there any way you could encode some sort of catch-all that sweeps through the database of sessions (either after 12 hours or at a random time when load is low) to see if there are any deposits that have been missed this way?
This issue (not recognizing some of deposits) has been solved around same time as Segwit update.
sr. member
Activity: 456
Merit: 956
https://bitcointalk.org/index.php?topic=1935098
Important announcement

There has been successful attack on ChipMixer communication integrity. Some part of traffic to/from ChipMixer.com website has been compromised. Please read on to decide what to do next.

If you are using Tor and .onion to access ChipMixer - you are not affected.

If you are not using Tor and visit .com to access ChipMixer - there is a chance you have been affected. Sweep all chips you have received in last 7 days and treat them as linked with your deposit.


Details of attack
We are not sure yet but it is similar to January attack:
Over last few days IP address of .com server have been switched to another server for about 30 minutes about 3 times per day. Attacker used it to create valid SSL certificate and then served their own version of service with minor cosmetic changes.

Attacker gained access to our .com server IP at 2021-09-23. They used it to create two SSL certificate - one with Cloudflare (https://crt.sh/?id=5270080144) - second with Lets Encrypt (https://crt.sh/?id=5281011754).

What next?
Do not use .com version. Use .onion version.
If you were affected - contact us at support email.

newbie
Activity: 6
Merit: 10
my coins got moved out of the deposit wallet address in this transaction

https://live.blockcypher.com/btc/tx/d2c6417b2fd81d93fad5f7ca32be7f260b6520ca5b1d5956f5c62bcd7e207f74/

@note-message is your tx in here? i see other coins on the merge transaction but I only deposited to one of them
newbie
Activity: 6
Merit: 10
Important announcement

There has been successful attack on ChipMixer communication integrity. Small part of traffic to/from ChipMixer.com website has been compromised. Please read on to decide what to do next.

If you are using Tor and .onion to access ChipMixer - you are not affected.

If you are not using Tor and visit .com to access ChipMixer - there is a chance you have been affected. Sweep all chips you have received in last 7 days and treat them as linked with your deposit.

If you are using Tor and .com to access ChipMixer - please stop it and start using Tor with .onion. This is very bad for your privacy and your funds safety. Please read second part of this message. Also there is a chance you have been affected. Sweep all chips you have received in last 7 days and treat them as linked with your deposit.

Details of attack

Over last few days IP address of .com server have been switched to another server for about 30 minutes about 3 times per day. Attacker used it to create valid SSL certificate and then served their own version of service with minor cosmetic changes.
There were four effects:
1. If your session already started - your browser sent your cookies (session token) to attacker and they withdrawn and sweeped your chips.
2. If you created new session - attacker displayed their deposit address and you have never received your chips.
3. If you accessed .com only to get .onion address - attacker displayed their .onion address.
4. If you tried to redeem voucher - it was not redeemed instantly - you should redeem it as soon as possible.
This affected small part of customers and we assume it was motivated to steal Bitcoins not privacy - if you were using .com and were not affected - you should still assume your privacy has been affected.

None of the servers were compromised. Mitigations are in place.


If you are using Tor to access .com - you may be affected by different attack made with Tor Exit Node. At least one of them proxies .com using forged SSL certificate and replaces all bitcoin addresses to theirs.

Looks like a repeat of this, not sure what "mitigations" were in place but they clearly didnt work because there was an SSL certificate issued yesterday for Chipmixer. My funds are still lost and no reply from admin.
newbie
Activity: 6
Merit: 10
SSL Certificate is changing on the clearnet website.....

https://i.imgur.com/Uj5smma.png
https://i.imgur.com/eO7oKbv.png

Why would the expiration date / signature change? There is no way that a faulty browser extension could fake an SSL certificate. I validated both certificates with letsencrypt and both are good.
legendary
Activity: 2212
Merit: 7064
I've tested this, and I can't reproduce this problem: I installed Metamask in Firefox and Chrome (in a VM), and restored my session on chipmixer.com. In all instances the deposit address was the same.
Are you sure you followed all ''instructions'' ?  Cheesy


EDIT:
I tested myself in two browsers Brave and Firefox with installed Metamask extension, and I was not able to reproduce this problem.
All restored sessions had the same addresses.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Quote from: deleted post
Metamask steals your money with chipmixer.

Everyone who has a Metamask extension in any of the browser.

Check.

Go to the white site chipmixer.com

Create a session.

You must be extruded.

On the session page and the 1st step, where you are invited to send a deposit, press one of the 2nd session recovery links: https://chipmixer.com/session/restore/#your_session ("Restore Your Session" Top or "Link" DOWN).

Voila, the page reboots, no cappip, the deposit address is different.
I've tested this, and I can't reproduce this problem: I installed Metamask in Firefox and Chrome (in a VM), and restored my session on chipmixer.com. In all instances the deposit address was the same.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Reading up in the thread there was a previous incident with an SSL certificate change. I just checked and the SSL certificate was different than the one I was issued for my transaction.


Using clearnet with nothing else this probably shouldn't happen? If it's tor then I think I clarified on the last page what might've happened.
newbie
Activity: 6
Merit: 10
Reading up in the thread there was a previous incident with an SSL certificate change. I just checked and the SSL certificate was different than the one I was issued for my transaction.

I took these screenshots a while ago
https://i.imgur.com/Uj5smma.png
https://i.imgur.com/eO7oKbv.png

Go check the site now, the expiration dates and signatures are different

Not sure why they would be flipping between valid SSL certificates and selectively scamming on one cert.
legendary
Activity: 2366
Merit: 2054
today, I Just successfully mixed using a new site; http://chipmixorflykuxu56uxy7gf5o6ggig7xru7dnihc4fm4cxqsc63e6id.onion , with a fee rate of 1 satoshi, which I received in a few minutes.

Just a bit surprised when importing a private key into Electrum, I got 0 balance. when rechecking again, I'm forgotten to add the bech32 colon on the front private key (p2wpkh:) ( I remembered using an old chipmixer with legacy address without colon on the front).

This is just for attention, don't be panic, maybe you didn't correct put the private key.
legendary
Activity: 2212
Merit: 7064
You can't blame anyone if you are using old Tor Browser with bunch of extensions like android emulator and google translation... but wait for Chipmixer support to reply.
Latest Tor browser is 10.5.6, that means you are more than a year behind with many security updates, and we all said many times that Tor V3 is suggested and recommended much more than a clearnet version.
Note that it is possible in some cases for scammers to use exact same website and domain but just change receiving address.
One thing I am not sure, how or if Tor works in China, and if they are using vpn because they have to.
Pages:
Jump to: