Topic: LocalBitcoins User Funds Stolen After Chat Client Hack (Read 1658 times)
The only way to not get hacked is hving your coins in your computer.
and this is just another Bitcoin exchange website getting hacked ... are they some kind of serial hackers or what , bitcoin websites are going down one after another 
Yes. You've got to be aware that there are many groups of hacker thieves out there who spend a lot of time trying to find holes and exploits to take your money. It's very profitable for them and exchanges need to always stay one step ahead of the hackers which obviously isn't easy to do.
I had someone random hit me up on Steam chat and post an image link with malicious code embedded in it. I fear for the kids there lol.
Since when does an intelligent person download .exe files from the live-chat? Sigh. 
Nothing special about this. We often have 'fake' coin clients in the altcoin section.
Nothing special about this. We often have 'fake' coin clients in the altcoin section.
They do even download the files in topics with titles like "Is this a Virus?", even when 100% of the postings say, that this IS a virus.
Well! fault of them downloading the file but still why wouldn't some newbie trust a live chat rep 
Two words guys, cold storage. Actually three words cold storage and sandbox.
I don't think it's entirely localbitcoin's fault that lead to the hack. But one thing good about them is their sense of responsibility as a company as they are even willing to refund those who had their coins lost.
Correct about the responsibility thing.
but for their fault ... well, I never used their website to be honest but MaoChao said that only Support is able to LiveChat with Customers so basically it's their fault if their Support Team aren't secure enough and got hacked otherwise how the hacker would send PM to the other users . he couldn't
I don't think it's entirely localbitcoin's fault that lead to the hack. But one thing good about them is their sense of responsibility as a company as they are even willing to refund those who had their coins lost.
From what you say, this is not the website itself got hacked.
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
This and what MaoChao said. Sounds like social engineering not a "hack."
Coding,Programming and hacking skills are required to create such malwares man . It's not like it's a simple keylogger open source
but yes it's correct , Most of it it's social engineering . It's not that hard to convice people to download a file from you.
Obviously coding is required, but the implication that it was a localbitcoins chat client hack implies their systems were compromised when in fact what was compromised was a user's system because the downloaded something that they shouldn't have.
Local bitcoins has been going down the shitter for a while
If you had funds on there, you gotta blame yourself
If you had funds on there, you gotta blame yourself
OP, you're making the problem sound bigger than it really was. This only affected like 4 people that actually lost BTC. The hack alone wouldn't have done shit. Those users that lost BTC were 1) gullible, and 2) had no sense of security for their BTC. A simple 2FA would have prevented this.
LBC handled it well.
LBC handled it well.
LiveChat enabled if support is online only ?
Yes.Users are able to chat with each other or only with Support/Staff members because it wouldn't make sense if only with the Support team otherwise this means that the hacker hacked the support team accounts then sent the files to the user (taking idendity of Support team)
Only with Support members. I wasn't aware that there is a live-chat/trollbox on the site, is it the one which is initiated after you open a trade or the blog/forum?
Usually LiveChat enabled if support is online.LiveChat enabled if support is online only ? Users are able to chat with each other or only with Support/Staff members because it wouldn't make sense if only with the Support team otherwise this means that the hacker hacked the support team accounts then sent the files to the user (taking idendity of Support team)
I wasn't aware that there is a live-chat/trollbox on the site, is it the one which is initiated after you open a trade or the blog/forum?
Usually LiveChat enabled if support is online. 
Since when does an intelligent person download .exe files from the live-chat? Sigh.
Nothing special about this. We often have 'fake' coin clients in the altcoin section.
Nothing special about this. We often have 'fake' coin clients in the altcoin section.
I wasn't aware that there is a live-chat/trollbox on the site, is it the one which is initiated after you open a trade or the blog/forum?
From what you say, this is not the website itself got hacked.
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
This and what MaoChao said. Sounds like social engineering not a "hack."
Coding,Programming and hacking skills are required to create such malwares man . It's not like it's a simple keylogger open source
but yes it's correct , Most of it it's social engineering . It's not that hard to convice people to download a file from you.
From what you say, this is not the website itself got hacked.
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
This and what MaoChao said. Sounds like social engineering not a "hack."
From what you say, this is not the website itself got hacked.
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
Those users who aren't very smart just installed some dudes software and complain that their funds got stolen.
Don't trust the trollbox...
I received a message from attacker by LiveChat, but did not download anything.
He threatened to block localbitcoins account if I do not download the file.
Be careful, my friends.
He threatened to block localbitcoins account if I do not download the file.
Be careful, my friends.
Jump to: