Pages:
Author

Topic: Localbitcoins 19:03 GMT Site down - EDIT: Back Up & Running (Read 1935 times)

full member
Activity: 224
Merit: 100
LBC is up again.

Good man Escrow!



"We are restoring the site and you can log in already. Some contacts might not yet be available. Transactions are delayed."
legendary
Activity: 1274
Merit: 1004
LBC is up again.
full member
Activity: 224
Merit: 100
Fair enough to the guys for having a setup that is decent enough that even rooting the machine gets the attackers no where.

More worrying though, why on earth are LBC using an (obviously shit) hosting provider and not co-locating their OWN machines in their OWN SECURE RACK in a SECURE facility?

Good point Uhoh - not sure exactly why they moved from German to Swiss servers? Might have been a cost/security/jurisdiction issue.

Think the notice did state that they do keep all KYC/Phones Number/Email data on a separate server. Hopefully that's not in the same place!

They initially gave a 24Hr ETA on fix, so we should hear more from them very soon, if it takes any longer.
hero member
Activity: 742
Merit: 500
Circle gets the Square
Fair enough to the guys for having a setup that is decent enough that even rooting the machine gets the attackers no where.

More worrying though, why on earth are LBC using an (obviously shit) hosting provider and not co-locating their OWN machines in their OWN SECURE RACK in a SECURE facility?
donator
Activity: 1617
Merit: 1012
Anyway, these guys are vigilant and have enough security measures to prevent such hacking  Smiley
Well, they responded quickly enough so that is indeed a good thing. However the social engineering attack against the hosting provider should not have succeeded in the first place. The data may be safe and recoverable, but the 24-hour downtime is still bad for business.
full member
Activity: 224
Merit: 100
Agree with you there J - That's a pretty large window!

But hopefully during that time with root access, might have left a trail for police to chase (i know that's unlikely)
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
40 minutes access is a bit too long

Anyway, these guys are vigilant and have enough security measures to prevent such hacking  Smiley
full member
Activity: 224
Merit: 100

Cheers, German IP


So looks like good-ish news, good to know they're on it?
legendary
Activity: 1274
Merit: 1004
Thanks for update rockhound.
full member
Activity: 224
Merit: 100
Saturday, May 3, 2014
Attack against LocalBitcoins infrastructure 3.5.2014
LocalBitcoins received a very dangerous attack against the site infrastructure on Saturday 3.5.2014.
For now

    All user data and Bitcoins are safe;
    The site will be down for a while as the system is being rebuilt

Details
LocalBitcoins hosting provided received a request to restart the LocalBitcoins.com website server and give access to the server console (root) on Sat May 3 13:32:27. LocalBitcoins team did not initiate this request. For now, it looks like the request was made using spoofed email addresses and other weakness in the hosting provider support system.

    LocalBitcoins team was alerted about the abnormal activity when the hosting provider restarted the server.
    The attacker gained a root access to the server for ~40 minutes before the attacker was kicked out and the server shutdown.
    All data on the website server is encrypted. Manual actions are needed to make this data readable, so the attacker could not gain access to the data even when having a server console access.

It is very unlikely that the attacker gained access to any data;  LocalBitcoins is still performing full investigation on the matter.

    Bitcoins in hot wallet and cold wallet are safe, as LocalBitcoins runs its bitcoind and wallets on a separate server.
    LocalBitcoins team has started to rebuild the website server on fresh hardware.

LocalBitcoins team will make further announcements when the investigation proceeds and the site becomes available again.  We expect to spend at least 24 hours on this. LocalBitcoins team apologizes the issues the downtime may cause to the users.
full member
Activity: 224
Merit: 100
Best we can do is wait and hope they are getting a handle on this to resolve brother

At least there's a few of us following, so when more news breaks, you'll hear about it  Smiley
sr. member
Activity: 412
Merit: 250
Bitcoin is the Future of currency
why they do not say something on twiter .....?
legendary
Activity: 1274
Merit: 1004
It's down for me too.
full member
Activity: 224
Merit: 100
Yeah, was thinking whether the site automatically closes, during a possible breach.

Pretty shit but think you are right bro.

During their last migration/upgrade last week - We all got an "Internal Server Error" screen but now, nothing as if the site is server-less
jr. member
Activity: 56
Merit: 1
Do you think issue has anything to do with new security upgrades?

Probably not otherwise they would have issued a statement, seems most likely to be DDOS.
full member
Activity: 224
Merit: 100
Hope no one was in middle of a trade  Smiley

Whilst Localbitcoiners are waiting for news, might as well speculate. Do you think issue has anything to do with new security upgrades? :

 New LocalBitcoins security features

We have rolled out some new user facing security features this week.

You cannot use the same LocalBitcoins logged in session across different IP addresses. This prevents session hijacking attacks against LocalBitcoins users, but may also cause minor inconvenience for the legit users. This is especially case if you use LocalBitcoins on a mobile device where your IP address may change often.

LocalBitcoins may interrupt your normal website actions in the case there is a chance that the action  might not be started by the legit user account owner. In this case you will get an email verification to ensure that it was you who really wanted to perform the action.
full member
Activity: 224
Merit: 100
Thanks mate - Wow i'm such a dinosaur, cheers - handy site  Cheesy


Was working just 9 minutes ago?

They havn't posted anything yet but here are links to their socials:

https://twitter.com/LocalBitcoins

http://localbitcoins.blogspot.co.uk/

You can find a few people reporting the site down already.
https://twitter.com/search?f=realtime&q=localbitcoins&src=typd

Cheers for the link Pony - They recently migrated to Swiss servers, hope they are not under attack!
full member
Activity: 224
Merit: 100
Cheers J,

Normally very good with their announcements/server maintenance, strange?

Don't like how close to the Hour they went offline  Undecided  
full member
Activity: 165
Merit: 102
Yep... seems it is globally down. DDOS ?
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
Pages:
Jump to: