Author

Topic: [banned mixer] has been hacked - I have lost my money (Read 214 times)

member
Activity: 100
Merit: 33
Well that's good to know what are other mixers that have had these types of problems and when they occurred and for how long etc.

Thanks for the heads up to those that use this service. I never felt the need but now that I'm buying Bitcoin more often I might consider it. Where on the Forum do I go read to start learning about this though.
sr. member
Activity: 451
Merit: 250
You should publicly upload some images about your cases here. I heard that many people lose their money with this services and I instantly went and check their ANN thread. It is quite curious (and a little suspicious) that many accounts were newbie (some even registered few hours ago) to jr member

But if it is true, I hope that you can get your money back
The nearest proof I find so far: https://bitcointalksearch.org/topic/m.56829362
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Moving forward, users just need to be cautious and take extra steps to ensure that they're sending funds to a correct destination. The fact that this happened to CryptoMixer doesn't mean that it won't happen to any other platform.
In fact, it happened to ChipMixer recently[1]. I suspect it would be something similar to BGP poisoning in conjunction with a hijacked HTTPS certificate. CAs are responsible for issuing the correct certificates and something like this wouldn't have happened if the certificate wasn't issued; it would either have to be non-SSL site or it'll throw an error. There are mitigation available for these attacks but the onus is on the ISPs to implement them.

[1] https://bitcointalksearch.org/topic/m.56179978
sr. member
Activity: 1190
Merit: 256
You should use Chipmixer they seem reliable on this forum. Also, keep in mind that if you move very large funds you could lose all your money.
The owner may set it like this by default.

In summary, Funds can still be lost irrespective of the mixing platform that transactions are being done as the attacker is able to fool users to send funds to their address instead which is bad. Moving forward, users just need to be cautious and take extra steps to ensure that they're sending funds to a correct destination. The fact that this happened to CryptoMixer doesn't mean that it won't happen to any other platform.

IMHO, I think all of the recent hacking incidents are a clear message that no system is totally safe on the open Internet, All is subjected to flaws and vulnerabilities thats why dont rely much on any platform's security, we the users should also be vigilant all the time, just in case the platform that we use was hacked we should know already what to do keep safe. I hope the Platform will not leave its users hanging by these recent hacking incidents.  

A computer security expert once said that no system is 100% hack proof and I believed him. As far as people built security, there would be a way to tear it down. The issue of security in crypto doesn't just span to service providers. Users too, have to do their bit to ensure safety of their funds at all times. Sorry to CryptoMixer team and affected users. Can't say they'll be trusted the way they were before the attack happened.
legendary
Activity: 3234
Merit: 1130
Leading Crypto Sports Betting & Casino Platform

This is an update


Today i received this message from https://[banned mixer]/
Hello. We are still checking all information. We will contact you ASAP


I have no idea when the checking of information will finish  Huh  Huh  Huh
I will wait for their reply.


Guys, i will keep you updated.

this information they gave is something very vague, imagine if the person need of money urgently? lack of seriousness and responsibility and concern in relation to handing over money to customers Is the main problem that many serivicos have in this market for cryptocurrencies, sometimes even I wonder who owns most of the services, what was their past in the real world, because they do unacceptable things in the real world. your situation is very sad and regrettable
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
You should use Chipmixer they seem reliable on this forum. Also, keep in mind that if you move very large funds you could lose all your money.
The owner may set it like this by default.

If assuming whatever they claim is true, then perhaps it would be unavoidable either ways. MITM attack like these are not that uncommon. If the attacker is able to obtain a signed SSL cert from a trusted CA in the victim's OS, then it would appear as though the connection is normal but the contents could be modified or the traffic could be intercepted.
full member
Activity: 1820
Merit: 107
IMHO, I think all of the recent hacking incidents are a clear message that no system is totally safe on the open Internet, All is subjected to flaws and vulnerabilities thats why dont rely much on any platform's security, we the users should also be vigilant all the time, just in case the platform that we use was hacked we should know already what to do keep safe. I hope the Platform will not leave its users hanging by these recent hacking incidents.   
sr. member
Activity: 2618
Merit: 439
Hi guys,

As you know, https://[banned mixer] has been hacked and many forum members has lost their money. Includine me.

Dont use https://[banned mixer] until they money has been refunded  Cry  Cry  Cry  Cry

I will keep updating this post.


Next update will be in 12 hours.







sad to hear but this is your faith by Using questionable Mixing site.

You should have Use Chipmixer for your own safety mate , Look at it now ? I'm sure there is a Hidden motive behind this hacking .
member
Activity: 100
Merit: 33
Well that's good to know what are other mixers have had these types of problems and when they occurred and for how long etc.

Thanks for the heads up to those that use this service. I never felt the need but now that I'm buying Bitcoin more often I might consider it. Where on the Forum do I go read to start learning about this though.
jr. member
Activity: 87
Merit: 1
You should use Chipmixer they seem reliable on this forum. Also, keep in mind that if you move very large funds you could lose all your money.
The owner may set it like this by default.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
He did already.

That thread has many complaints from people losing their funds, for quite a long time now. Some were refunded, others are still waiting.
This was their response last month:
WARNING

Kindly note, we are following multiple issues where users report the wrong signing address on our website. All of this users report that their connection is secured by the fake SSL-certificate issued on Jan 26, 2021 and expiring on Apr 26, 2021. The Letters of Guarantee of this users has the same fake signing address and has not been generated by our servers. We are investigating this incident. We consider the DNS-spoofing or "man in the middle" attack of this users.

We recommend you to refrain from mixing until separate notice will be posted.

RESOLUTION

First of all, we are confident that:
1) our servers were not compromised;
2) the operations of our customers did not fall into third hands.

At the moment we managed to repeat the experience of users who reported the problem with the fake signing address on our clearnet website, and eliminated this attack about 18 hours ago.

What have happened?

An attackers managed to access HTTP-traffic on one of the infrastructure nodes of upstream providers. Thus, they deceived the verification system of the global Certification Authority (CA) lettercrypt.org and issued a fake Domain Validation (DV) certificate, and were able to send HTTPS-traffic to their servers.

What does it mean?

This means that users who received letters signed by the wrong address has sent their money to attackers and will unlikely receive them back. Those users who received letters signed by the correct address may not worry - the data exchange was secured directly between them and our servers. Also, this incident did not touch on those who used our onion-mirror.

What do we plan to do?

We are very concerned how carefully and gracefully the phishing attack was performed. Unfortunately, this is possible in an open internet and this proves how much existing technologies of open internet are vulnerable. Therefore:
1) We will implement a set of measures to reduce the risks of such incidents with our clearnet website;
2) We will insistently recommend to use the onion website and check the signature, including creating economic incentives for this;
3) We will introduce the status-page on third-party reliable public  provider to provide the up-to-date status of the website.

What will happen to victims of this incident?

We value our customers and their trust very high and do not want to leave them as victims in this situation. During the coming days, we will continue to collect the information on users affected by this incident - when, we will see a complete picture and the amount of damage we will offer them an option to compensate the lost funds. If you haven't contacted me or support@[banned mixer] yet, get in touch and provide the LOG on your operation.
legendary
Activity: 2702
Merit: 4002
I do not know what are the details of your story, but if the site is hacked, how do you expect them to return the money to you? Currency mixing sites are not the same as platforms, and the amounts in hot wallets may be few or many depending on the mixing method.
If you are sure that the site has been hacked, then the site’s administration will announce that. Otherwise, either you have been scammed by the site or that you used a different site (phishing site.)

you can post here ---> https://bitcointalk.org/index.php?topic=1484009.520
newbie
Activity: 29
Merit: 7
Update 2021-04-29:
I have been 100% refunded. Thank you, [banned mixer]



[banned mixer] is a serious company and deserves all respect.
Highly recommended Smiley
Jump to: