A MITM attack against LuckyBit could - at worst - replace the game addresses with malicious ones.
This is a sufficient reason to put HTTPS. The attacker has a financial incentive to repllace those addresses.
There has never been a report of MITM attacks against LuckyBit.
Until it happens. But why wait until an incident happens if you already can fix the issue?
SSL implementation is not a simple process. Getting a signed certificate, implementing security across the site and filtering for non-essential services such as the LuckyBit Community Hub are not a quick-switch option. These things take time and money that aren't justified by a "potential" threat that hasn't been realized and can be easily avoided by customers. Most of our players don't even depend on the site to provide the addresses; the information is available elsewhere and the majority of wallets also provide address-book services that would make this attack ineffective.
tl;dr: not worth the effort for an attacker, not worth the effort for us