LocalBitcoins vulnerability: 6 case of stolen funds confirmed as of now - page 2.

jademaxsuy

full member

Activity: 924

Merit: 220

Quote from: mk4 on January 26, 2019, 09:16:46 AM

WARNING: DO NOT LOGIN TO LOCALBITCOINS

Typing this on mobile right now. Just saw this on Reddit.

Thread:
"When visiting the localbitcoins forum: https://localbitcoins.com/forums/

Users are prompted to log into their account, as if they have been logged out. This only seems to happen if you are already logged in. This is is a PHISHING SITE and 2FA codes are being used to empty customer accounts. Withdrawals have since been suspended by LocalBitcoins."

https://www.reddit.com/r/Bitcoin/comments/ajzym3/psa_localbitcoinscom_compromised_do_not_attempt/

another exchanges attack. Bitcoin may be vulnerable from.decrypting but its exchanges are not safe and it is vulnerable from hijacking or hacking it from someone. The problem now starts when a user has stored some of its crypto in the exchanges. Probably you will going to wake up one day losing all the crypto in the exchange wallet.

HippiePyro

full member

Activity: 476

Merit: 107

A non technical guy in a technical world

Forum has been disabled. Here we go again.

100bitcoin

sr. member

Activity: 860

Merit: 423

Reports of lots of coin loss are surfacing. No official update on their twitter as of yet - https://twitter.com/LocalBitcoins

mk4

legendary

Activity: 2716

Merit: 3817

Paldo.io 🤖

~~WARNING: DO NOT LOGIN TO LOCALBITCOINS~~
LocalBitcoins seems to be fine now.

Typing this on mobile right now. Just saw this on Reddit.

Thread:

Quote

When visiting the localbitcoins forum: https://localbitcoins.com/forums/

Users are prompted to log into their account, as if they have been logged out. This only seems to happen if you are already logged in. This is is a PHISHING SITE and 2FA codes are being used to empty customer accounts. Withdrawals have since been suspended by LocalBitcoins.

https://www.reddit.com/r/Bitcoin/comments/ajzym3/psa_localbitcoinscom_compromised_do_not_attempt/

For now we currently have little to no information about what happened/what's happening.

EDIT: Currently not confirmed, but the hackers wallet was said to be this address: 13WaahhsiGph4ysmQtjVhVTdgQUSL62KJr

7.95205862 BTC was sent to this address as of this moment.

EDIT #2: Still no announcement from LocalBitcoins as of now. Will be editing the title of this thread after the things clear up.

https://twitter.com/LocalBitcoins

EDIT #3 Finally an update from LocalBitcoins. Edited the topic title.

Quote

LocalBitcoins' report on the security vulnerability 26.01.2019

We would like to inform that today 26.01.2019 at approximately 10:00:00 UTC, LocalBitcoins has detected a security vulnerability - an unauthorised source was able to access and send transactions from a number of affected accounts. Outgoing transactions were temporarily disabled while we investigated the case.

We were able to identify the problem, which was related to a feature powered by a third party software, and stop the attack. At the moment, we are determining the correct number of users affected - so far six cases have been confirmed. For security reasons, the forum feature has been disabled until further notice.

Outgoing transactions have already been re-enabled and we have taken a number of measures to address this issue and secure the limited number of accounts that might have been at risk.

Your LocalBitcoins accounts are currently safe to log in and use - we encourage you to enable Two-factor authentication, if you have not yet.

We sincerely apologise for any inconvenience this might have caused.

Kind Regards, LocalBitcoins

https://www.reddit.com/r/localbitcoins/comments/ak1u8m/localbitcoins_report_on_the_security/

Topic: LocalBitcoins vulnerability: 6 case of stolen funds confirmed as of now - page 2. (Read 334 times)