alexhaering
Newbie
Offline
Activity: 9
Merit: 0
|
|
April 20, 2021, 09:30:46 PM |
|
jeffi447, your below Letter of guarantee does not include the original signing bitcoin address of [banned mixer], which is 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM. Before mixing you should do two things: 1) Check if the letter of guarantee contains the original signing bitcoin address of [banned mixer], which is 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM 2) Verify the signed message (you can for example use this tool for the verification: https://tools.bitcoin.com/verify-message/) Are you 100% sure, that you had used [banned mixer] and NOT cryptomixer.com (fake clone)? If yes, and as the clearnet URL of [banned mixer] went offline this morning again, this might indicate that there is again a traffic attack on the clearnet domain. But that's only my assumption. I had mixed larger amounts of 0.2xx in the last weeks successfully on the Onion URL of [banned mixer] and the support team had also contacted me concerning a refund for a payment which I had lost in the beginning of February. However I have not yet received the refund back. same problem!
this morning 0.01234921 BTC sent
-----START SIGNING BITCOIN ADDRESS----- 1CrypMix3194qKbmZBeM2TRxgBu1gorrB4 -----END SIGNING BITCOIN ADDRESS-----
-----START LETTER OF GUARANTEE----- We hereby confirm that WWW.[banned mixer] has generated the address XXXXXXXXXX in order to transfer incoming amount (minus fee) to the following addresses: 100% to XXXXXXXXXX after 5 hours 51 minutes. This service will be only available for all bitcoins received from 2021 April 20, 00:44:17 UTC to 2021 April 21, 00:44:17 UTC with minimum amount of 0.001 BTC per single transaction and maximum amount of 156.2033 BTC total. Our fee is 0.5% + 0.0005 BTC for every target address. This letter is digitally signed by our main account: 1CrypMix3194qKbmZBeM2TRxgBu1gorrB4. Stay protected and thank you for using our service. -----END LETTER OF GUARANTEE-----
-----START DIGITAL SIGNATURE----- HLcHi9Tm/JOWg2RLDpgsKwHsPXvG3/yk6wmm+Edjn+7XYk2s6NqKUv33zhNv6bnhEp0em41CS7FIKgP622WIQxI= -----END DIGITAL SIGNATURE-----
What can I do now? I have not used onion and I need the money urgently.
I also have to say, someone else transferred to the wallet as well. A stranger has transferred 0.01823139 BTC.
I use CRYPTOMIXER very long time and I am actually always very satisfied. So far, the deposit addresses have always been unique only for one customer.
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
benesiaxd
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 20, 2021, 09:55:14 PM |
|
Same goes for me, and I emailed him and he said he would contact me after investigating. Obviously Url was [banned mixer]. Even if it's phishing, The server was hacked, so we need to compensate. I did a mix this morning as well, I got the same signing address as jeffi447. I did my mix on [banned mixer] jeffi447, your below Letter of guarantee does not include the original signing bitcoin address of [banned mixer], which is 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM. Before mixing you should do two things: 1) Check if the letter of guarantee contains the original signing bitcoin address of [banned mixer], which is 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM 2) Verify the signed message (you can for example use this tool for the verification: https://tools.bitcoin.com/verify-message/) Are you 100% sure, that you had used [banned mixer] and NOT cryptomixer.com (fake clone)? If yes, and as the clearnet URL of [banned mixer] went offline this morning again, this might indicate that there is again a traffic attack on the clearnet domain. But that's only my assumption. I had mixed larger amounts of 0.2xx in the last weeks successfully on the Onion URL of [banned mixer] and the support team had also contacted me concerning a refund for a payment which I had lost in the beginning of February. However I have not yet received the refund back. same problem!
this morning 0.01234921 BTC sent
-----START SIGNING BITCOIN ADDRESS----- 1CrypMix3194qKbmZBeM2TRxgBu1gorrB4 -----END SIGNING BITCOIN ADDRESS-----
-----START LETTER OF GUARANTEE----- We hereby confirm that WWW.[banned mixer] has generated the address XXXXXXXXXX in order to transfer incoming amount (minus fee) to the following addresses: 100% to XXXXXXXXXX after 5 hours 51 minutes. This service will be only available for all bitcoins received from 2021 April 20, 00:44:17 UTC to 2021 April 21, 00:44:17 UTC with minimum amount of 0.001 BTC per single transaction and maximum amount of 156.2033 BTC total. Our fee is 0.5% + 0.0005 BTC for every target address. This letter is digitally signed by our main account: 1CrypMix3194qKbmZBeM2TRxgBu1gorrB4. Stay protected and thank you for using our service. -----END LETTER OF GUARANTEE-----
-----START DIGITAL SIGNATURE----- HLcHi9Tm/JOWg2RLDpgsKwHsPXvG3/yk6wmm+Edjn+7XYk2s6NqKUv33zhNv6bnhEp0em41CS7FIKgP622WIQxI= -----END DIGITAL SIGNATURE-----
What can I do now? I have not used onion and I need the money urgently.
I also have to say, someone else transferred to the wallet as well. A stranger has transferred 0.01823139 BTC.
I use CRYPTOMIXER very long time and I am actually always very satisfied. So far, the deposit addresses have always been unique only for one customer.
|
|
|
|
alexhaering
Newbie
Offline
Activity: 9
Merit: 0
|
|
April 21, 2021, 07:07:49 AM |
|
Before I read this thread yesterday I started mixing approx 10K USD BTC on their Onion URL. I received the mixed BTC today. The Onion URL works and I received a LoG with the original signing BTC address.
My loss from February (also approx 10K USD) has not yet been refunded but I had confirmed the BTC source wallets via email to the Support Team so I hope the refund is only a matter of time.
To all of you who need mixing urgently - download TorBrowser and use the Onion URL!
|
|
|
|
benesiaxd
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 21, 2021, 09:38:31 AM |
|
No! support@[banned mixer] this is gene If you give him a letter of guarantee, he will intercept the money by asking Mixer Support for a refund.
|
|
|
|
jeffi447
Newbie
Offline
Activity: 8
Merit: 0
|
|
April 21, 2021, 11:13:38 AM |
|
I have 100% the real URL. I always have https://[banned mixer]/ as a bookmark. My BTC is not there yet. [banned mixer] is offline. What should I do? I have written an email but no answer. I am very desperate because I really need the money very urgently.
|
|
|
|
CryptoMixer.io (OP)
Full Member
Offline
Activity: 312
Merit: 127
Ever used CryptoMixer? Leave your feedback ↓
|
|
April 21, 2021, 01:40:18 PM |
|
I have 100% the real URL. I always have https://[banned mixer]/ as a bookmark. My BTC is not there yet. [banned mixer] is offline. What should I do? I have written an email but no answer. I am very desperate because I really need the money very urgently. Kindly, PM me with the transaction details. If you have got no reply on your email it hasn't reached us. Same here. I also used this URL https://[banned mixer]/ Still no reply from CryptoMixer although i have sent email to support@[banned mixer] Check your PM, I have already answered you.
|
|
|
|
CRYPTOMIXER_LOST_MONEY
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 21, 2021, 02:56:54 PM |
|
To all of you who need mixing urgently - download TorBrowser and use the Onion URL!
or just dont use the mixer with 5+ pages of scam accusations / people losing money on the thread.... if you look back on this thread, the issue has been happening since February. this is clearly selective scamming going on by them, or their servers have been hacked 3+ times in the past few months (which seems unlikely, and is just as good of a reason to not use this mixer... )
|
|
|
|
jeffi447
Newbie
Offline
Activity: 8
Merit: 0
|
|
April 21, 2021, 07:49:03 PM |
|
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16609
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
April 21, 2021, 08:07:02 PM |
|
Using an online tool to verify a Letter of Guarantee is terrible for your privacy. You should use your own wallet to verify the signed message.
|
|
|
|
|
jeffi447
Newbie
Offline
Activity: 8
Merit: 0
|
|
April 22, 2021, 09:17:06 AM |
|
Hello guys, unfortunately [banned mixer] has not answered me yet. I am still waiting for your PM @ [banned mixer] I will keep you updated on this issue.
|
|
|
|
jeffi447
Newbie
Offline
Activity: 8
Merit: 0
|
|
April 22, 2021, 01:54:50 PM |
|
I have now also written an email to support@[banned mixer] and I hope for a response.
|
|
|
|
benesiaxd
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 24, 2021, 06:17:55 AM |
|
I understand this is a very difficult situation. So I won't rush you. However, if you are thinking about how anxious your customers must be, I think you should upload the progress in detail.
I know you're gonna claim to be a victim, too. But what's wrong with customers who trust you and use you?
I'll wait for the wise. I hope you take advantage of this opportunity to make your company bigger.
|
|
|
|
jeffi447
Newbie
Offline
Activity: 8
Merit: 0
|
|
April 25, 2021, 10:16:21 AM |
|
I got this answer:Hello. The Letter of Guarantee you provided is signed with different address. Your letter signed by 1CrypMix3194qKbmZBeM2TRxgBu1gorrB4. Our public address 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM was created back in 2016 and has never changed. If your browser is still open on the webpage, it would be helpful if you could provide: • the screenshot of the page with the website address and the signing address at the bottom of the page; • the screenshot of the details of SSL-certificate and the exact time on your machine; • the result of the command "ping [banned mixer]" executed in the command line (push Win+R and type "cmd") • your cryptomixer code or any previous Letter of Guarantee with the original signature address;
We do understand your concern and want to make it possible to return your money. This will be very helpful for our investigation I definitely have the right URL because I have it bookmarked and have been using it for many years. My bookmark is: https://[banned mixer]/
If their server was hacked, they have to give us our money. This is FRAUD!!!!!!!!
I have sent 0.01234921 BTC to this address 14qxxxxxxxxQK1xxxxxxxxdxxxxxxxxxfs
Another person also got this address and this person sent 0.01823139 BTC
I have not made a mistake! I trusted them and now I have big problems! I want my money back! Show your pride and send the money! Can a moderator please write an Official Warning on page 1 so other people don't lose their money?We await an official statement!
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16609
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
April 25, 2021, 11:45:02 AM |
|
I got this answer:Hello. The Letter of Guarantee you provided is signed with different address. Your letter signed by 1CrypMix3194qKbmZBeM2TRxgBu1gorrB4. Our public address 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM was created back in 2016 and has never changed. If their server was hacked, they have to give us our money. This is FRAUD!!!!!!!! If the server is hacked, obviously the attacker can change the signing address as mentioned on the site. That makes it difficult to know with certainty which is the official signing address. At this moment, cryptomixns23scr.onion/faq.html shows 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM, and was confirmed in this unedited post: What you can do to make sure that the Letter of Guarantee has been generated not by third side besides checking the signature is to check the signing address provided in the Letter of Guarantee on the blockchain explorer. Our original signing address has been generated back in 2016 and has 32 pages of donation transactions on about 40 BTC in total and has never changed: https://www.blockchain.com/btc/address/1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLMThis address (1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM) was posted in this topic in 2016 by several users. I'll leave neutral feedback with this information. Stay vigilant!
|
|
|
|
CRYPTOMIXER_LOST_MONEY
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 25, 2021, 03:48:18 PM |
|
Lost 0.607 BTC still no refund! I think the site is scamming unfortunately.
|
|
|
|
CryptoMixer.io (OP)
Full Member
Offline
Activity: 312
Merit: 127
Ever used CryptoMixer? Leave your feedback ↓
|
|
April 27, 2021, 02:11:21 AM Last edit: April 27, 2021, 06:10:50 AM by CryptoMixer.io Merited by LoyceV (6), Rath_ (2) |
|
SECURITY REPORT We were investigating issues where users reported the wrong signing address on our website. All of this users reported that they were on our website and their connection was secured by the fake SSL-certificate. All incidents were grouped by dates March 16-17 and April 19-20. The Letters of Guarantee of this users had the same fake signing addresses listed below: 1CrypMixUKiXduy6J42nEzm4Z9CpJuXptS (March 16-17)1CrypMix3194qKbmZBeM2TRxgBu1gorrB4 (April 19-20)
While the original signing address was generated back in 2016 and has never changed: - 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM (bookmark this very address if you are reading this)
To make it clear: - our servers were not hacked or compromised;
- the operations of our customers did not fall into third hands;
- this attack affected only those users who have got the fake signing address.
To understand what have happen to this users and how to avoid it for yourself, kindly read further. BackgroundThe Internet is a global network in enabling any connected host, identified by its unique IP address, to talk to any other, anywhere in the world. This is achieved by passing data from one router to another, repeatedly moving each packet closer to its destination. To do this, each router must be regularly supplied with up-to-date routing tables. At the global level, individual IP addresses are grouped together into "prefixes". These prefixes are originated, or owned by an autonomous systems (AS) - groups of networks that operate under a single external routing policy. For example, Sprint, Verizon, and AT&T each are an AS. Border Gateway Protocol (BGP) is the standard routing protocol used to exchange information about IP routing between autonomous systems. Each AS uses BGP to advertise prefixes that it can deliver traffic to. For example, if the network prefix 192.0.2.0/24 , then that AS will advertise to its provider(s) and/or peer(s) that it can deliver any traffic destined for 192.0.2.0/24. The problem is, by default the BGP protocol is designed to trust all route announcements sent by peers, and only few ISPs rigorously enforce checks on BGP sessions through security extensions available for BGP, and third-party route DB resources. What is BGP hijacking?BGP hijacking can occur deliberately or by accident in one of several ways: - An AS announces that it originates a prefix that it does not actually originate.
- An AS announces a more specific prefix than what may be announced by the true originating AS.
- An AS announces that it can route traffic to the hijacked AS through a shorter route than is already available, regardless of whether or not the route actually exists.
Common to these ways is their disruption of the normal routing of the network: packets end up being forwarded towards the wrong part of the network and then are found at the mercy of the offending AS. When an AS announces a route to IP prefixes that it does not actually control, this announcement, can spread and be added to routing tables in BGP routers across the Internet. It would be like claiming territory if there were no local government to verify and enforce property deeds. Typically ISPs filter BGP traffic, allowing BGP advertisements from their downstream networks to contain only valid IP space. However, a history of hijacking incidents shows this is not always the case. There have been many examples of deliberate BGP hijacking: What happened to our users?During our investigation, we have found out that on the dates corresponding to the incidents one of the AS was broadcasting to BGP the fake route for our servers network and that route was used by some of ISPs (you can click diagrams for details). This way attackers rerouted HTTP-traffic to their servers, deceived the verification system of the global Certification Authority (CA) lettercrypt.org and issued a fake Domain Validation (DV) certificate, and were able to send the victims HTTPS-traffic to their servers either. It may seem surprising that the operator of a large network or group of networks, many of which are ISPs, would brazenly undertake such malicious activity. But considering that by some counts there are now over 80,000 autonomous systems globally, it is not surprising that some would be untrustworthy. How to defend yourself?Because BGP is built on the assumption that interconnected networks are telling the truth about which IP addresses they own, BGP hijacking is nearly impossible to stop at one moment. Though security extensions such as Resource Public Key Infrastructure (RPKI) are available for BGP, are still not widely deployed and adoption will takes time. It is very important to understand that the clear Internet infrastructure is dramatically insecure. You can face it both in cryptocurrency and the fiat worlds. What you can do to make sure that the Letter of Guarantee has been generated not by third side, besides bookmarking our signing address and checking the signature, is to check the signing address provided in the Letter of Guarantee on the blockchain explorer. Our original signing address has been generated back in 2016 and has 32 pages of donation transactions on about 40 BTC in total and has never changed: You will easily see if it is the freshly new generated address of scammers, like this one: What will happen to victims of this incident?We value our customers and their trust very high and do not want to leave them as victims in this situation. During coming days we will contact affected users and offer them an option to compensate the lost funds. We are aimed to provide the compensation till the end of this month. If you haven't contacted me or support@[banned mixer] yet, get in touch and provide the LOG on your operation. More info
|
|
|
|
CryptoKnight32
Newbie
Offline
Activity: 3
Merit: 0
|
|
April 27, 2021, 01:11:51 PM |
|
SECURITY REPORT We were investigating issues where users reported the wrong signing address on our website. All of this users reported that they were on our website and their connection was secured by the fake SSL-certificate. All incidents were grouped by dates March 16-17 and April 19-20. The Letters of Guarantee of this users had the same fake signing addresses listed below: 1CrypMixUKiXduy6J42nEzm4Z9CpJuXptS (March 16-17)1CrypMix3194qKbmZBeM2TRxgBu1gorrB4 (April 19-20)
While the original signing address was generated back in 2016 and has never changed: - 1CrypMixXWtTjYGCM5ZJmyQYP1Y39P7aLM (bookmark this very address if you are reading this)
To make it clear: - our servers were not hacked or compromised;
- the operations of our customers did not fall into third hands;
- this attack affected only those users who have got the fake signing address.
To understand what have happen to this users and how to avoid it for yourself, kindly read further. BackgroundThe Internet is a global network in enabling any connected host, identified by its unique IP address, to talk to any other, anywhere in the world. This is achieved by passing data from one router to another, repeatedly moving each packet closer to its destination. To do this, each router must be regularly supplied with up-to-date routing tables. At the global level, individual IP addresses are grouped together into "prefixes". These prefixes are originated, or owned by an autonomous systems (AS) - groups of networks that operate under a single external routing policy. For example, Sprint, Verizon, and AT&T each are an AS. Border Gateway Protocol (BGP) is the standard routing protocol used to exchange information about IP routing between autonomous systems. Each AS uses BGP to advertise prefixes that it can deliver traffic to. For example, if the network prefix 192.0.2.0/24 , then that AS will advertise to its provider(s) and/or peer(s) that it can deliver any traffic destined for 192.0.2.0/24. The problem is, by default the BGP protocol is designed to trust all route announcements sent by peers, and only few ISPs rigorously enforce checks on BGP sessions through security extensions available for BGP, and third-party route DB resources. What is BGP hijacking?BGP hijacking can occur deliberately or by accident in one of several ways: - An AS announces that it originates a prefix that it does not actually originate.
- An AS announces a more specific prefix than what may be announced by the true originating AS.
- An AS announces that it can route traffic to the hijacked AS through a shorter route than is already available, regardless of whether or not the route actually exists.
Common to these ways is their disruption of the normal routing of the network: packets end up being forwarded towards the wrong part of the network and then are found at the mercy of the offending AS. When an AS announces a route to IP prefixes that it does not actually control, this announcement, can spread and be added to routing tables in BGP routers across the Internet. It would be like claiming territory if there were no local government to verify and enforce property deeds. Typically ISPs filter BGP traffic, allowing BGP advertisements from their downstream networks to contain only valid IP space. However, a history of hijacking incidents shows this is not always the case. There have been many examples of deliberate BGP hijacking: What happened to our users?During our investigation, we have found out that on the dates corresponding to the incidents one of the AS was broadcasting to BGP the fake route for our servers network and that route was used by some of ISPs (you can click diagrams for details). This way attackers rerouted HTTP-traffic to their servers, deceived the verification system of the global Certification Authority (CA) lettercrypt.org and issued a fake Domain Validation (DV) certificate, and were able to send the victims HTTPS-traffic to their servers either. It may seem surprising that the operator of a large network or group of networks, many of which are ISPs, would brazenly undertake such malicious activity. But considering that by some counts there are now over 80,000 autonomous systems globally, it is not surprising that some would be untrustworthy. How to defend yourself?Because BGP is built on the assumption that interconnected networks are telling the truth about which IP addresses they own, BGP hijacking is nearly impossible to stop at one moment. Though security extensions such as Resource Public Key Infrastructure (RPKI) are available for BGP, are still not widely deployed and adoption will takes time. It is very important to understand that the clear Internet infrastructure is dramatically insecure. You can face it both in cryptocurrency and the fiat worlds. What you can do to make sure that the Letter of Guarantee has been generated not by third side, besides bookmarking our signing address and checking the signature, is to check the signing address provided in the Letter of Guarantee on the blockchain explorer. Our original signing address has been generated back in 2016 and has 32 pages of donation transactions on about 40 BTC in total and has never changed: You will easily see if it is the freshly new generated address of scammers, like this one: What will happen to victims of this incident?We value our customers and their trust very high and do not want to leave them as victims in this situation. During coming days we will contact affected users and offer them an option to compensate the lost funds. We are aimed to provide the compensation till the end of this month. If you haven't contacted me or support@[banned mixer] yet, get in touch and provide the LOG on your operation. More infoseems like an over explained excuse version of 'our server got hacked' and now he is just trying to cover his ass.... if these guys can magically re route traffic for IP address, why they did it to some site like [banned mixer] instead of coinbase, blockchain.com, binance..... anyway.. i hope they will actually refund and this is not just a cover to scam more... seems fishy.
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16609
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
April 27, 2021, 01:33:26 PM |
|
we will contact affected users and offer them an option to compensate the lost funds. Have you considered the possibility the attacker can claim to be a victim too? All they need is to sign a transaction from their own fake 1CrypMix address. if these guys can magically re route traffic for IP address, why they did it to some site like [banned mixer] instead of coinbase, blockchain.com, binance..... This possibility worries me a lot more!
|
|
|
|
benesiaxd
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 28, 2021, 03:51:42 AM |
|
Did you get a refund?? This is an update of lost money issueFinally, the investigation of the lost money is over. Today i received a positive reply from [banned mixer]. This is the reply Hello,
We have finished our investigation. Thank you for provided information and your patience. Could you kindly confirm that you still have access to the source address of your transaction XXXXXXXXXXXXXX ?Seems like i soon will have my money back Thank you, CryptoMixer!
|
|
|
|
|