Hi! Nadav from Bitrated here. That's a great question, thanks for bringing this up. We recently published a post with some more details regarding the attack and state of funds locked in on-going trades. The relevant section for your question is:
Secondly, and more importantly, we want to clarify that the architecture of the Bitrated payment system ensures that
funds held up in on-going trades are never at risk.
The private keys used in the multi-signature script are directly derived from the users’ passwords (using Scrypt and key stretching), which ensures that
users are always in full control of their funds. Even in the worse case scenario of Bitrated becoming permanently unavailable, private keys are always recoverable by the user and access to funds is never lost.
We’re currently working on a tool to help users go through the process of recovering their keys and signing a transaction releasing funds from the multi-signature address to an address of their choosing.
If you’d like to receive updates about the availability of this tool, please follow us on Twitter, Facebook or Reddit.
If you have funds held up in the system and need to urgently release them, please reach out to us for help at
support@bitrated.com. If it’s not urgent and can wait for a little while, we’d like to request that you allow us for some time to publicly release the tool.
You can read the full post here:
https://medium.com/@bitrated/bitrated-clarifications-regarding-ongoing-ddos-attack-and-extortion-attempt-61709556a9a9BTW, it appears like the DDoS attack have stopped for now. Bitrated is back online.