Topic: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented - page 31. (Read 92822 times)

This is crazy, how do you decided to take my funds as a donation on your own?

There are chips with 0.001 BTC, 0.002 BTC, 0.004 BTC and so on till 4.096 BTC. When you deposit your Bitcoins, you receive same amount in chips.

I really, really want 1 BTC chip!

You are in luck! We have introduced commonize function which will swap your weird looking 1.024 BTC chip into 1 BTC chip and weird looking 0.512 BTC into 0.5 BTC.

Using this action will cost you the weird part of chip which is around 2% fee.

Minimum deposit is 0.001 BTC - lowest chip size. If you deposit less then you have to deposit missing amount to receive a chip.
Second minimum deposit is 0.002 BTC. If you deposit between 0.001 and 0.002 BTC you will receive only 1 mBTC chip and rest will be autodonated.

If you deposit 0.1234 BTC (123.4 mBTC) you will receive 123 mBTC chips. 0.4 mBTC will be autodonated.

0.00095897 btc
[...]
This is crazy, how do you decided to take my funds as a donation on your own?

Minimum deposit is 0.001 BTC - lowest chip size. If you deposit less then you have to deposit missing amount to receive a chip.
Second minimum deposit is 0.002 BTC. If you deposit between 0.001 and 0.002 BTC you will receive only 1 mBTC chip and rest will be autodonated.

If you deposit 0.1234 BTC (123.4 mBTC) you will receive 123 mBTC chips. 0.4 mBTC will be autodonated.

Attacker gained access to our .com server IP at 2021-09-23. They used it to create two SSL certificate - one with Cloudflare (https://crt.sh/?id=5270080144) - second with Lets Encrypt (https://crt.sh/?id=5281011754).

I think it's time to totally switch to Chipmixer .onion version and use clearnet version only as an entry point that is redirecting to .onion version (I think someone suggested this few months ago).

-snip-
Just a bit surprised when importing a private key into Electrum, I got 0 balance. when rechecking again, I'm forgotten to add the bech32 colon on the front private key (p2wpkh:) ( I remembered using an old chipmixer with legacy address without colon on the front).

This is just for attention, don't be panic, maybe you didn't correct put the private key.

I think it's time to totally switch to Chipmixer .onion version and use clearnet version only as an entry point that is redirecting to .onion version (I think someone suggested this few months ago).

Still think members should be on alert that the mixer may be currently broken.

@chipmixer, is there any way you could encode some sort of catch-all that sweeps through the database of sessions (either after 12 hours or at a random time when load is low) to see if there are any deposits that have been missed this way?

Over last few days IP address of .com server have been switched to another server for about 30 minutes about 3 times per day. Attacker used it to create valid SSL certificate and then served their own version of service with minor cosmetic changes.

Important announcement

There has been successful attack on ChipMixer communication integrity. Small part of traffic to/from ChipMixer.com website has been compromised. Please read on to decide what to do next.

If you are using Tor and .onion to access ChipMixer - you are not affected.

If you are not using Tor and visit .com to access ChipMixer - there is a chance you have been affected. Sweep all chips you have received in last 7 days and treat them as linked with your deposit.

If you are using Tor and .com to access ChipMixer - please stop it and start using Tor with .onion. This is very bad for your privacy and your funds safety. Please read second part of this message. Also there is a chance you have been affected. Sweep all chips you have received in last 7 days and treat them as linked with your deposit.

Details of attack

Over last few days IP address of .com server have been switched to another server for about 30 minutes about 3 times per day. Attacker used it to create valid SSL certificate and then served their own version of service with minor cosmetic changes.
There were four effects:
1. If your session already started - your browser sent your cookies (session token) to attacker and they withdrawn and sweeped your chips.
2. If you created new session - attacker displayed their deposit address and you have never received your chips.
3. If you accessed .com only to get .onion address - attacker displayed their .onion address.
4. If you tried to redeem voucher - it was not redeemed instantly - you should redeem it as soon as possible.
This affected small part of customers and we assume it was motivated to steal Bitcoins not privacy - if you were using .com and were not affected - you should still assume your privacy has been affected.

None of the servers were compromised. Mitigations are in place.

---

If you are using Tor to access .com - you may be affected by different attack made with Tor Exit Node. At least one of them proxies .com using forged SSL certificate and replaces all bitcoin addresses to theirs.

I've tested this, and I can't reproduce this problem: I installed Metamask in Firefox and Chrome (in a VM), and restored my session on chipmixer.com. In all instances the deposit address was the same.

Metamask steals your money with chipmixer.

Everyone who has a Metamask extension in any of the browser.

Check.

Go to the white site chipmixer.com

Create a session.

You must be extruded.

On the session page and the 1st step, where you are invited to send a deposit, press one of the 2nd session recovery links: https://chipmixer.com/session/restore/#your_session ("Restore Your Session" Top or "Link" DOWN).

Voila, the page reboots, no cappip, the deposit address is different.

Reading up in the thread there was a previous incident with an SSL certificate change. I just checked and the SSL certificate was different than the one I was issued for my transaction.