And the ChipMixer Bitcointalk account even still has the compromised link in their signature.
The .com link isn't currently compromised - it is offline entirely. Annoying, yes, but no risk to people clicking on it.
Indeed, yes, they took it down; signature links are back to normal now. However, I don't understand how this hack happens. An attacker can't just 'respond to chipmixer.com queries'. That sounds like a BGP attack which this obviously is not. Since they mention something about this happening with a previous provider, I'm wondering whether that's a hack of the hosting provider or what's going on. Or if it's a bad provider (that changes the domain=>IP mapping without the user's authorization). I'm happy I always use onion sites when available.