I am sorry if this is a wrong forum to post this, but I couldn't find a better one. The matter is urgent and since EgoPay is one of the most popular payment methods connected with bitcoin trading, I think it is vital that the whole community is aware what is happening.
This morning we received several transaction notifications from EgoPay via merchant API. These notifications were posted from the usual IP adress of Egopay (95.211.120.119) and were verified correctly by the SCI callback to the www.egopay.com server. However, the funds from these transactions were not added to our wallet. The transactions have very similar IDs, for example ZYYYXL-CLB1B2-AB93GV and ZYYYXX-WHQJNB-E2HQ1S, which is also suspicious because normally the IDs of the transactions are very different.
It looks that someone has hacked EgoPay servers and is/was sending fake transactions to merchants. We suspect this because (a) the notifications come from the IP address of EgoPay server and (b) the transactions were verified correctly by the callback to EgoPay server.
We have double-checked everything on our side and our scripts were not compromised (which was verified by comparing checksums of all scripts). We are posting this information here for all merchants using EgoPay because this matter is very serious and we haven't heard anything from the EgoPay support team so far.
We suggest that anyone having an EgoPay account change their password immediately, and any merchant using EgoPay as a method of payment disable it until we hear the explanation from EgoPay about this incident.