I received a DM about this thread.
bitaddress.org has never been hacked.
For many years it's been hosted on github.com
I have no indication that my github has been compromised.
I have no indication that my domain registrar account or DNSSEC has been compromised.
I have a script that monitors the checksum of bitaddress.org and received no alerts of any issue.
....
I remembered that 3+ years ago was confused why bitaddress.org generated wrong wallets. Here is my post:
https://bitcointalk.org/index.php?topic=43496.msg52190779#msg52190779The issue was I used wrong web address: "Everybody should be very careful. The addresses above were actually generated not by bitaddress.org, but by biladdress.org ("l" instead of "t"). I do not know how did I go there... probably some fake link :-("
That time fake clone was working and provided wrong public addresses (so, users received incorrect public btc addresses, and actually they did not have private keys to btc addresses showed on their "paper wallets").
I just remembered that my case, cause OP also could face with the same fake clone web address while generating his paper wallet - fake clone in global WWW (with the similar spelling) or fake clone provided through DNS spoofing (OP saw bitaddress.org in his web browser, but actually visited completely different IP address).