Topic: Localbitcoins 19:03 GMT Site down - EDIT: Back Up & Running (Read 1892 times)

full member
Activity: 224
Merit: 100
LBC is up again.

Good man Escrow!



"We are restoring the site and you can log in already. Some contacts might not yet be available. Transactions are delayed."
legendary
Activity: 1274
Merit: 1004
LBC is up again.
full member
Activity: 224
Merit: 100
Fair enough to the guys for having a setup that is decent enough that even rooting the machine gets the attackers nowhere.

More worrying though, why on earth are LBC using an (obviously shit) hosting provider and not co-locating their OWN machines in their OWN SECURE RACK in a SECURE facility?

Good point Uhoh - not sure exactly why they moved from German to Swiss servers? Might have been a cost/security/jurisdiction issue.

Think the notice did state that they do keep all KYC/Phone Number/Email data on a separate server. Hopefully that's not in the same place!

They initially gave a 24Hr ETA on fix, so we should hear more from them very soon, if it takes any longer.
hero member
Activity: 742
Merit: 500
Circle gets the Square
Fair enough to the guys for having a setup that is decent enough that even rooting the machine gets the attackers nowhere.

More worrying though, why on earth are LBC using an (obviously shit) hosting provider and not co-locating their OWN machines in their OWN SECURE RACK in a SECURE facility?
donator
Activity: 1616
Merit: 1003
Anyway, these guys are vigilant and have enough security measures to prevent such hacking
Well, they responded quickly enough so that is indeed a good thing. However the social engineering attack against the hosting provider should not have succeeded in the first place. The data may be safe and recoverable, but the 24-hour downtime is still bad for business.
full member
Activity: 224
Merit: 100
Agree with you there J - That's a pretty large window!

But hopefully during that time with root access, might have left a trail for police to chase (I know that's unlikely)
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
40 minutes access is a bit too long

Anyway, these guys are vigilant and have enough security measures to prevent such hacking
full member
Activity: 224
Merit: 100

Cheers, German IP


So looks like good-ish news, good to know they're on it?
legendary
Activity: 1274
Merit: 1004
Thanks for update rockhound.
full member
Activity: 224
Merit: 100
Saturday, May 3, 2014
Attack against LocalBitcoins infrastructure 3.5.2014
LocalBitcoins received a very dangerous attack against the site infrastructure on Saturday 3.5.2014.
For now

    All user data and Bitcoins are safe;
    The site will be down for a while as the system is being rebuilt

Details
LocalBitcoins hosting provider received a request to restart the LocalBitcoins.com website server and give access to the server console (root) on Sat May 3 13:32:27. LocalBitcoins team did not initiate this request. For now, it looks like the request was made using spoofed email addresses and other weaknesses in the hosting provider support system.

    LocalBitcoins team was alerted about the abnormal activity when the hosting provider restarted the server.
    The attacker gained root access to the server for ~40 minutes before the attacker was kicked out and the server shut down.
    All data on the website server is encrypted. Manual actions are needed to make this data readable, so the attacker could not gain access to the data even when having a server console access.

It is very unlikely that the attacker gained access to any data;  LocalBitcoins is still performing full investigation on the matter.

    Bitcoins in hot wallet and cold wallet are safe, as LocalBitcoins runs its bitcoind and wallets on a separate server.
    LocalBitcoins team has started to rebuild the website server on fresh hardware.

LocalBitcoins team will make further announcements when the investigation proceeds and the site becomes available again. We expect to spend at least 24 hours on this. LocalBitcoins team apologizes for the issues the downtime may cause to the users.
full member
Activity: 224
Merit: 100
Best we can do is wait and hope they are getting a handle on this to resolve brother

At least there's a few of us following, so when more news breaks, you'll hear about it
sr. member
Activity: 412
Merit: 250
Bitcoin is the Future of currency
Why do they not say something on Twitter .....?
legendary
Activity: 1274
Merit: 1004
It's down for me too.
full member
Activity: 224
Merit: 100
Yeah, was thinking whether the site automatically closes, during a possible breach.

Pretty shit but think you are right bro.

During their last migration/upgrade last week - We all got an "Internal Server Error" screen but now, nothing as if the site is server-less
jr. member
Activity: 56
Merit: 1
Do you think issue has anything to do with new security upgrades?

Probably not otherwise they would have issued a statement, seems most likely to be DDOS.
full member
Activity: 224
Merit: 100
Hope no one was in middle of a trade

Whilst Localbitcoiners are waiting for news, might as well speculate. Do you think issue has anything to do with new security upgrades? :

 New LocalBitcoins security features

We have rolled out some new user facing security features this week.

You cannot use the same LocalBitcoins logged in session across different IP addresses. This prevents session hijacking attacks against LocalBitcoins users, but may also cause minor inconvenience for the legit users. This is especially the case if you use LocalBitcoins on a mobile device where your IP address may change often.

LocalBitcoins may interrupt your normal website actions in the case there is a chance that the action  might not be started by the legit user account owner. In this case you will get an email verification to ensure that it was you who really wanted to perform the action.
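
The IP-bound session described in the announcement quoted above, as an added example that is not LocalBitcoins' code and not part of the original posts. The class name, the session lifetime and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import secrets
import time

SESSION_TTL = 3600  # assumed session lifetime in seconds


def canonical_ip(ip: str) -> str:
    """Normalise an address so equivalent spellings compare equal."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on junk input
    # A dual-stack listener may report IPv4 clients as ::ffff:a.b.c.d.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.compressed


class IPBoundSessions:
    """Server-side session table in which each session is pinned to one IP."""

    def __init__(self):
        self._store = {}  # session id -> (user, bound ip, issued-at)

    def login(self, user, client_ip, now=None):
        sid = secrets.token_urlsafe(32)  # unguessable session id
        issued = time.time() if now is None else now
        self._store[sid] = (user, canonical_ip(client_ip), issued)
        return sid

    def check(self, sid, client_ip, now=None):
        """Return (user, 'ok') or (None, reason)."""
        now = time.time() if now is None else now
        entry = self._store.get(sid)
        if entry is None:
            return None, "unknown"
        user, bound_ip, issued = entry
        if now - issued > SESSION_TTL:
            del self._store[sid]
            return None, "expired"
        if canonical_ip(client_ip) != bound_ip:
            # Cookie presented from another address: drop the session so a
            # copied cookie is useless. A legitimate user whose IP changed
            # (the mobile case in the announcement) has to log in again.
            del self._store[sid]
            return None, "ip_mismatch"
        return user, "ok"
```

The address passed in must be the one the server itself observed for the connection; a client-supplied header would let the sender choose the value being compared.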
full member
Activity: 224
Merit: 100
Thanks mate - Wow I'm such a dinosaur, cheers - handy site


Was working just 9 minutes ago?

They haven't posted anything yet but here are links to their socials:

https://twitter.com/LocalBitcoins

http://localbitcoins.blogspot.co.uk/

You can find a few people reporting the site down already.
https://twitter.com/search?f=realtime&q=localbitcoins&src=typd

Cheers for the link Pony - They recently migrated to Swiss servers, hope they are not under attack!
full member
Activity: 224
Merit: 100
Cheers J,

Normally very good with their announcements/server maintenance, strange?

Don't like how close to the Hour they went offline
full member
Activity: 165
Merit: 102
Yep... seems it is globally down. DDOS ?
legendary
Activity: 1988
Merit: 1012
Beyond Imagination