Pages:
Author

Topic: Did localbitcoins just get hacked? (Read 1334 times)

sr. member
Activity: 420
Merit: 250
May 01, 2016, 09:07:11 PM
#22
There is a guy claiming to have the usernames and passwords of localbitcoin users. https://satoshibox.com/e3ohpjjhoez6xfy8qjk8qrmj

Should I be worried? I use the same password at every site.
Dont be worry. Change all your password one by one and dont sign-in in phishing sites. If you signup their your password and username will send to the hacker and he opens all your account so please be careful in others site. So that you are secure in your wallet and all of your account.
member
Activity: 98
Merit: 10
April 26, 2016, 11:46:31 AM
#20
Nah you aren't in danger, the person is probably lying. There's no way the person wouldn't withdraw the BTC in the "hacked' wallets instead of selling the passwords. Also, don't use the same password for every site you go on.
hero member
Activity: 545
Merit: 500
April 26, 2016, 10:28:15 AM
#19
I highly doubt it.

I can bet you any bitcoins he wants people to panic so they start messaging him and he will offer them an alternative by obviously taking YOUR bitcoins and running off

I've never had a problem with localbitcoins and I don't think I will right now
copper member
Activity: 1442
Merit: 529
April 26, 2016, 01:46:42 AM
#18
This is at least the 10th time I am saying it, you can always use the same password but you should do this before:

When you register somewhere, to an exchange site or any other related bitcoin site keep in mind 2 things
1. Make sure you have gmail with 2FA with SMS enabled first
2. Make sure you have a clean pc when you are registering in these sites
3. Add alwasy 2FA with Google Authenticator when these websites offer it.
4. Keep the one time passkey Google Authenticator gives you when registering in order to manually disable if you unfortunately lose your phone, in a safe place.
5. Optional, I suggest using a safe OS like Linux when trying the above 4 points.

If you do these (I personally using same password almost everywhere) but I strictly follow those 5 rules above, nothing have happened to me.

Last advice. Never leave your bitcoins in any exchange.
sr. member
Activity: 322
Merit: 250
April 25, 2016, 09:23:10 PM
#17
There is a guy claiming to have the usernames and passwords of localbitcoin users. https://satoshibox.com/e3ohpjjhoez6xfy8qjk8qrmj

Should I be worried? I use the same password at every site.

Why are you inviting hackers by announcing the thing that you are using the same password for every site. That's the main mistake you are doing. Don't mind, but i am just informing you about this.
hero member
Activity: 812
Merit: 1000
April 25, 2016, 09:17:47 PM
#16
Even if this was real, which I am certain it is not, the hacker can't get the 2fa code which is required to enter your account/wallet at LBC. Also, LBC has a security measure that as soon as an account is accessed from a different location from where it was accessed earlier, they lock the account and ask the user to go through a security check, which requires them to provide proofs that they're the original owner of the account.

I downloaded it just to see, and can confirm that at least some of the passwords work. PM me for a copy.
Don't encourage the scam by vouching for it.  Angry
legendary
Activity: 1652
Merit: 1088
CryptoTalk.Org - Get Paid for every Post!
April 25, 2016, 02:20:25 PM
#15
There is a guy claiming to have the usernames and passwords of localbitcoin users. https://satoshibox.com/e3ohpjjhoez6xfy8qjk8qrmj

Should I be worried? I use the same password at every site.

You should definitely not use the same passwords for every site. Even if localbitcoins hasn't been hacked, chances are high that other exchanges you use will get hacked in the coming year. This kind of stuff is constantly happening in bitcoin world, and you should protect yourself.
legendary
Activity: 1218
Merit: 1006
April 25, 2016, 01:57:50 PM
#14
On its twitter, they answered to user @Themerklenews that this information about its database hacked is false.
Here you have the link: https://twitter.com/LocalBitcoins/status/724323437347504128

thanks for the link, it seems it is just a rumor but i also suggest everyone not to use same password in all sites and i doubt how they managed to get those passwords? even if they hacked or done sql injection inside database password in database must be hashed one as normally all of the sites do.

So i also think this leak as fud to collect some bitcoin.
legendary
Activity: 1470
Merit: 1001
April 25, 2016, 11:36:20 AM
#13
On its twitter, they answered to user @Themerklenews that this information about its database hacked is false.
Here you have the link: https://twitter.com/LocalBitcoins/status/724323437347504128
member
Activity: 70
Merit: 10
April 25, 2016, 09:54:27 AM
#12
I downloaded it just to see, and can confirm that at least some of the passwords work. PM me for a copy.
mkc
hero member
Activity: 517
Merit: 501
April 24, 2016, 11:48:27 PM
#11
Gee is this true? All localbitcoin user name and passwords for 0.1 btc.
Theoretically, web site should not save user password, they should store a hash of password. When user input password, a hash is generated and compared against saved version. How can hacker reverse calculating all passwords?

hero member
Activity: 490
Merit: 520
April 24, 2016, 11:14:15 PM
#10
just change your password and set a very strong one instead. and if they have some kind of two factor authentication try to enable it also. then you can be sure you are safe.

also it is important to not click on every link you see claiming these type of outrageous claims.
Hackers steals accounts through injections and other buzzwords! Security analysts HATE him!

It definitely seems like the only thing to generate business online is to use buzzwords these days, so chances are he's talking primarily out of his ass. He doesn't have anything of value.
legendary
Activity: 1218
Merit: 1007
April 24, 2016, 11:06:28 PM
#9
Quote
...using multiple methods of Cross Service and Injections I've managed to gain access to their server.
As (hobby but fairly experienced) security researcher that made me laugh.

Obvious fake scam is obvious.
>Responsibly disclosed forum security flaws

Seems believable.

To be honest, it also sounded like a bunch of buzzwords to me as well, but I'm glad to see someone who's educated in this can confirm my suspicions.
legendary
Activity: 3472
Merit: 10611
April 24, 2016, 11:06:09 PM
#8
just change your password and set a very strong one instead. and if they have some kind of two factor authentication try to enable it also. then you can be sure you are safe.

also it is important to not click on every link you see claiming these type of outrageous claims.
legendary
Activity: 1876
Merit: 1303
DiceSites.com owner
April 24, 2016, 10:52:54 PM
#7
Quote
...using multiple methods of Cross Service and Injections I've managed to gain access to their server.
As (hobby but fairly experienced) security researcher that made me laugh.

Obvious fake scam is obvious.
legendary
Activity: 1218
Merit: 1007
April 24, 2016, 10:46:18 PM
#6
He is just trying his luck.

If I were the hacker, I will quietly use the passwords to withdraw coins into my own address. Why do I need to sell them just for 0.1BTC??
I'm 50% sure that the guy doesn't have all the accounts he says he does, chances are a majority of them are brute forced and have very little in them. Unless he releases some account names and passwords, it seems like he's trying to sell a lot of useless accounts for $45.
sr. member
Activity: 552
Merit: 250
April 24, 2016, 10:45:40 PM
#5
There is a guy claiming to have the usernames and passwords of localbitcoin users. https://satoshibox.com/e3ohpjjhoez6xfy8qjk8qrmj

Should I be worried? I use the same password at every site.

How did you get to know this? I tried satoshibox.com but there is no way to get to all the listings...
legendary
Activity: 2282
Merit: 1023
April 24, 2016, 10:34:22 PM
#4
He is just trying his luck.

If I were the hacker, I will quietly use the passwords to withdraw coins into my own address. Why do I need to sell them just for 0.1BTC??
legendary
Activity: 966
Merit: 1042
April 24, 2016, 08:36:45 PM
#3
There is a guy claiming to have the usernames and passwords of localbitcoin users. https://satoshibox.com/e3ohpjjhoez6xfy8qjk8qrmj

Should I be worried? I use the same password at every site.

He's been doing this for days it seems. He's full of crap. Don't worry about rando's claiming they 'h@xx3d u a11'. He's just a troll. His post will be deleted and he'll make another new account. Just sit back and laugh.

He claimed to have hacked 500,000 bitcointalk accounts too. It's all a FUD campaign or some other terrible agenda.

Edit: stop using the same password on every page. Does that really need to be said in this day and age?!
Pages:
Jump to: