New website, maybe the same scammers who scammed me 18 BTC with faked game logs. Unhappy to see that domain in another, new case regardless of the owner.

When and why this was changed? Thank you.

Seized servers is unrealistic, they would shut down - not change address format and allowing further transactions

Changing address format without notification is highly suspicious.

Stop using CryptoMixer until they posted here AND the transactions to the letters of guarantee mentioned above are fulfilled!

I got a screenshot from a Paxful user who owe me money showing a payment/withdrawal to my wallet. I am waiting for two days for this payment which is waiting in queue. It is 99% sure that the screenshot is fake. The sender pretends email verification of this payment is still required and he is in trouble with that (while the screenshot says "in queue" and not "waiting for email verification").

So I want to ask Paxful users/support:
1) How long withdrawals usually take?
2) Is there a "waiting in queue" status?
3) Is there a email verification for withdrawals?

Thank you! This enables me to have evidence for legal action.

I have to admit that this was not okay. Sorry.

Better I had written sth like "I will check again if you have a security question in place after 5 days. If you want to keep security question, please be advised of the disadvantages (link) and shortly confirm to me that your security answers entropy is sufficient (ie at least as high as your passwords entropy). If nothing happens, I will notify the board administration to ensure DefaultTrust integrity". Next time I would do so. It was never my intention to threat someone.

I dont see a problem with this statement. This means there is some trick* AND I would discuss it with the most trusted person being in charge. This implies that I will not speak with anyone else or sell the trick to bad guys.

*This trick allowed me to scan whole DT for secret question set. It also allows to bruteforce passwords and security answers by the way. This was the intention - to make clear that security answers can be bruteforced, so they are even weaker.

How do you define success? If you think success is hijacking your account you are wrong.

If an empty answer would allow you to set a question without having any correct answer, that would be interesting to steal time and resources of an attacker (without wasting own time). However, a long random string should have the same result. But I feel uncomfortable with having any security question active.

Maybe, but question and form to answer is shown

At least he understand the problem now.

Oh, really? Maybe just the ones with a secret question set. You can figure that out by reading my PM.

This thread is unbelievable dump. I warned affected users of a security problem and they make public they are affected. But what should I expect from users having set a security question, ignoring a warning? If you set a second password, both can be used to login. How can someone think this improves security, especially when the second password is "5"? I would ask greenplastic that question, but unfortunately he is not able to login.

I received several negative trust. Okay.

I was able to get access to SPQRCoin yesterday answering "1+1" with "2". No joke. He is in DefaultTrust level 2.

greenplastic gave negative trust to me. Now he is security locked for using "5" as answer to "how old was justin in 1980?".

Proof: https://bitcointalk.org/seclog.php

Security questions are a joke and should be disabled. There are members using questions with a probably secure question or maybe even fake questions, but "1+1" is a joke. In case of greenplastic, he did not even understand the problem. We should think of who is member of DefaultTrust.

Security lock is a good thing for sure, otherwise I would control two DefaultTrust accounts now, one of them being inactive for months. Thank god, I was not able unlocking using a fake mail. I want to see security questions disabled, option to disable email recovery per account and 2FA introduced. BCT is about large sums and does not have up-to-date security mechanisms.

That is only possible with a clearnet server and would be exposed to the same problems as clearnet mirror was.
Redirecting would also state the darknet address as legitimate. That could be a problem.

Real Chipmixer never scammed anyone, even very high amounts were processed smoothly.
However, I am still aware of there is no letter of guarantee, as the mixing process does not support that.
Signed receipts means the server is able to sign and has a private key.
I would be happy to see signed deposit addresses. This can be another part of security.
(Being aware of scam sites can generate legit CM addresses and copy signed message to fake sites, this should contain time of generation and session.)

Looks like chipmlxer.com (SCAM!) just got a nice idea from you 

However, this is the most advanced scam, even maintaining session expiration time and renew/restore.

I think the new API is really nice but it is a matter of time until scam sites will use it:
Checking and redeeming sessions and vouchers entered or even providing fully functional scam sites, scamming only higher amounts to gain trust.
For sure, the latter can be done with own infrastructure, but with much more effort.

All scam sites lack captcha, just as observation.
Captcha is to protect from DoS, I think. That is also a problem for API, isnt it?
I think API is (or will get) a nightmare.

Anyone has a clue about how many these sites are making? I would start monitoring on my own otherwise.

Das Thema ist zwar erledigt, aber bei der Aussage stellt sich mir eine Frage:

Hä?!

Ich bin kein Scammer. Hintergrund ist, dass ich für alte Seeds die Adressen für unterschiedliche Derivation Paths generiert habe und auf Guthaben prüfen wollte.

SCAM-WARNUNG

Meine Firma wurde um ungefähr 0.008 BTC betrogen, zum Glück haben wir das rechtzeitig realisiert.
Die Verifizierung kann man nicht erfolgreich beenden, eingereichte Dokumente werden wahrscheinlich auch für kriminelle Aktionen benutzt.

SCAM CONFIRMED

They scammed around 0.008 BTC from my company.
You cannot complete verification successfully. They also scam your documents.

SCAM WARNING

They scammed around 0.008 BTC from my company.
You cannot complete verification successfully. They also scam your documents.

hello

I have a file with 80,000 bitcoin address. I need the current balance of all of these

please make me an offer for checking all of it via PM

Thank you

hallo,

Ich habe eine Liste von 80.000 Bitcoin Adresse und möchte wissen, wie viel Guthaben auf dem jeweiligen Arbeiten vorhanden.

Mir reicht da eine Momentaufnahme. ich bitte um Angebote per PN, wie viel ihr haben wollt, um alle Adressen einmal ab.