They have been having issues. Looks like someone performed a phishing attack their clearnet website and stole Bitcoins of users who were mixing at that time. The claimed they had eliminated the threat, but It seems the attacks are still ongoing even after reopening the site. It's probably the reason they put it offline again.
They insist that users should use their onion site.
DetailsRESOLUTION
First of all, we are confident that:
1)
our servers were not compromised;
2)
the operations of our customers did not fall into third hands.
At the moment we managed to repeat the experience of users who reported the problem with the fake signing address on our clearnet website, and eliminated this attack about 18 hours ago.
What have happened?An attackers managed to access HTTP-traffic on one of the infrastructure nodes of upstream providers. Thus, they deceived the verification system of the global Certification Authority (CA)
lettercrypt.org and issued a fake Domain Validation (DV) certificate, and were able to send HTTPS-traffic to their servers.
What does it mean?This means that users who received letters signed by the wrong address has sent their money to attackers and will unlikely receive them back. Those users who received letters signed by the correct address may not worry - the data exchange was secured directly between them and our servers. Also, this incident did not touch on those who used our onion-mirror.
What do we plan to do?We are very concerned how carefully and gracefully the phishing attack was performed. Unfortunately, this is possible in an open internet and this proves how much existing technologies of open internet are vulnerable. Therefore:
1) We will implement a set of measures to reduce the risks of such incidents with our clearnet website;
2) We will insistently recommend to use the onion website and check the signature, including creating economic incentives for this;
3) We will introduce the status-page on third-party reliable public provider to provide the up-to-date status of the website.
What will happen to victims of this incident?We value our customers and their trust very high and do not want to leave them as victims in this situation. During the coming days, we will continue to collect the information on users affected by this incident - when, we will see a complete picture and the amount of damage we will offer them an option to compensate the lost funds. If you haven't contacted me or support@[banned mixer] yet, get in touch and provide the LOG on your operation.
OFFICIAL UPDATE
Further update on this issue.
Currently,
we have compensated everyone who provided verifiable proof of a transaction. This process was complicated by the fact that different people applied for refunds with the same Letters of Guarantee, some of them were falsified, while others did not have letters - in all such cases, we had to make compensation only to the original source of the transaction. With customers whose amounts was significant, we have agreed to make compensation payout in parts during 2 months, but they will get their full refund shortly. Kindly note, this payments are not a refund of the funds that we have received - but our voluntary compensation to the victims of this incident, so we ask you to understand the precautions that we apply with understanding.
