My password has also been changed after I deposited some BTC into my account and logged out. I have been using the same password for several days and never had a login error until now, so somebody who is not me has taken control of my account.
Also, after depositing the bitcoin, it was an hour and a half I could still log in to my account, the bitcoin had still not shown up even though my wallet from where I deposited the BTC showed 15 network confirmations.
I used the new address that has been updated on bitcoinfog.com, the first post on this thread, and Bitcoinfog's twitter.
So, what's going on? We have 3 addresses that all seem to take us to Bitcoinfog:
http://fogcoren4tt6pz4m.onion/ ,
http://fogcore5n3ov3tui.onion/ , and
http://foggeddriztrcar2.onion/ . I have a separate account that I'm testing the situation with.
If you're logged in to
http://fogcore5n3ov3tui.onion and open
http://foggeddriztrcar2.onion in a new tab, you have to enter your username and password, instead of being served the home screen if you open the same address you logged into in a new tab. This is probably just how the login portal works.
Any changes you make using
http://foggeddriztrcar2.onion/ (eg a new support message, or a new wallet address) are immediately reflected on
http://fogcore5n3ov3tui.onion and vice versa. The information is also identical (identical wallet address codes).
If you log in to
http://fogcore5n3ov3tui.onion/ , and then try to log in to
http://fogcoren4tt6pz4m.onion without waiting long enough, you get the message saying Wait 5 minutes before next login.
So it seems that all three addresses in this post are sending to and receiving from information from the same database(s).
This has changed. The message about the new URL, if you log in to
http://fogcore5n3ov3tui.onion , the message says the new URL is
http://foggeddriztrcar2.onion/ . If you log in to
http://foggeddriztrcar2.onion/ , it also has the very same message. However if you log in to
http://fogcoren4tt6pz4m.onion/ , you have the same message except it says the URL is
http://fogcoren4tt6pz4m.onion/ .
What's missing from this situation is a new post on this thread from Akemashite Omedetou explaining the change. There is a twitter post approx 15hrs ago and the aforementioned messages that appear when you log in to the 3 Bitcoinfog tor onion addresses, but no new forum post. This might not mean anything, though.
I really hope they haven't gone rouge/been taken control of. The most optimistic outlook is that they are changing people's passwords who deposit BTC as a temporary measure to protect accounts while something is going on. Or a third party has been hijacking accounts. If this is what's happening, they really should know about it.
We will just have to wait and see what happens.
If anybody has Bitcoinfog's public key saved from before this update, please check it matches up with the new public key and signature.
If anybody has any other tor onion addresses that lead to Bitcoinfog and seem to be linked the same way as the three I have described in this post, please post them.
This is the message that appears on
http://foggeddriztrcar2.onion/?page=index and
http://fogcore5n3ov3tui.onion/?page=indexNews:
The service is upgrading to a new url:
http://foggeddriztrcar2.onion. Please update your bookmars.
The old url will function for some time, but will ultimately be taken offline soon.
We have been closely monitoring our service in the light of recent Onymous-related seizures.
At this time it does not seem like we have been affected by these events, however the questionable circumstances of the official story about how the servers were found are nevertheless alarming.
We have decided to make additional changes to our security model, and as a part of these precautions we have decided to change the .onion url to a new one.
It's possible that we are going to be changing this url much more often in the future.
Since there are great dangers of not knowing the right url (and being a victim of phishing attack), we advice all users to take extreme caution at keeping track of the right url, and the best way to do that is to check our PGP key.
This key has been known for a long time and has since not changed.
Every message about future addresses, as well as this one, are always going to be signed with the proper key.
A signed PGP message proving the authenticity can be found here:
http://pastebin.com/L0NKMmvMThis is the message that appears on
http://fogcoren4tt6pz4m.onion/?page=index News:
The service is upgrading to a new url:
http://fogcoren4tt6pz4m.onion. Please update your bookmars.
The old url will function for some time, but will ultimately be taken offline soon.
We have been closely monitoring our service in the light of recent Onymous-related seizures.
At this time it does not seem like we have been affected by these events, however the questionable circumstances of the official story about how the servers were found are nevertheless alarming.
We have decided to make additional changes to our security model, and as a part of these precautions we have decided to change the .onion url to a new one.
It's possible that we are going to be changing this url much more often in the future.
Since there are great dangers of not knowing the right url (and being a victim of phishing attack), we advice all users to take extreme caution at keeping track of the right url, and the best way to do that is to check our PGP key.
This key has been known for a long time and has since not changed.
Every message about future addresses, as well as this one, are always going to be signed with the proper key.
A signed PGP message proving the authenticity can be found here:
http://pastebin.com/L0NKMmvMLogged in to
http://fogcore5n3ov3tui.onion/ , I sent a message using their support request form and they got back to me (bottom message is first):
FOG:
Yes, this is our new url. There is a linked to a PGP signed message on the index page to prove this.
shaderkabia:
Is
http://foggeddriztrcar2.onion for real or is this a phished website? I need to mix about 1BTC and would rather not lose it
Again, if anybody still has their PGP public key saved from before they changed their tor onion address, could they please verify they are still using the same key?
I know I really should have saved their public key when I first signed up to the service, I'm new to all this super private internet stuff.
sounds like you got phished, can't really blame bitcoinfog for that. this is the real one: fogcore5n3ov3tui.onion
Well, I got the link from the real website
www.bitcoinfog.com/ and as another user pointed out they previously linked to a phishing site.
A hijack attempt seems to be in progress. The .onion address is hard to reach (DoS?) while the
gate.bitcoinfog.com clearnet site propagates a phishing page, terminated in
phc6.onion (I don't want to propagate the full address).
It seems the hackers have compromised bitcoinfog's own clearnet DNS and are controlling the gate.bitcoinfog.com address, at least.
Upon logging in with a test account, this message is received:
There are many people who have reported the same thing so maybe there is something wrong. And I absolutely do blame BitcoinFog when the phishing link came from their site.
The same thing has happened to me. As I've written in my post, I've used another account to message them logged in to the old
http://fogcore5n3ov3tui.onion and got a message back saying that
http://foggeddriztrcar2.onion really is their new URL. Since a couple of other people have had this happen to them recently, I think it's likely that a third party has been hijacking user accounts.
Show Posts
