[ad_1]
LocalBitcoins, the popular P2P (peer-to-peer) bitcoin trading platform, was accessed by "unauthorized source", confirmed the platform, caused by a third-party functionality vulnerability.
LocalBitcoins Forum disabled
According to a thread that was published on Reddit earlier in the day, LocalBitcoins, the P2P bitcoin trading platform, was the victim of a phishing attack.
LocalBitcoins posted the following announcement:
We wish to inform you that today at 26.01.2019 at around 10:00:00 UTC, LocalBitcoins has detected a security breach – an unauthorized source has been able to access transactions and send them from A number of badigned accounts. Outbound transactions were temporarily disabled while we were investigating the case.
We were able to identify the problem, related to a feature using third-party software, and stop the attack. At the moment, we determine the correct number of users affected – until now, six cases have been confirmed. For security reasons, the forum feature has been disabled until further notice.
Outbound transactions have already been reactivated and we have taken a number of steps to address this issue and secure the limited number of potentially unsafe accounts.
Your LocalBitcoins accounts can currently be connected and used securely. We encourage you to activate two-factor authentication, if you have not already done so.
We sincerely apologize for any inconvenience this may have caused.
Sincerely, LocalBitcoins
User (u / bitcoinbabeau) indicated that when users visit the platform's forum URL, they are prompted to log in to their account as if they had been disconnected.
Apparently, this only happens if the user is already logged on. According to him, the URL represents a phishing site whose 2FA codes are sent to the hacker, which allows him to empty his accounts.
Depending on the thread, the withdrawals on the platform have been disabled. In addition, the platform forum is also disabled.
At the time of writing this article, LocalBitcoins has not made any official statement on this topic.
$ 28,000 allegedly already gone
In commenting on the thread mentioned above, one of the users states that he is probably the first to fall victim to the hacker. He revealed that 0.14 BTC had been cleared from his account, displaying the details of the transaction.
The receiving address is already less than 7.95 BTC at the time of publication. Given the current rate of BTC (coin_price), this represents approximately $ 28,000.
It remains to know if it is the actual address (or unique) of the hacker.
Last year, the P2P trading platform has disabled multiple accounts due to new EU privacy legislation.
Have you experienced any problems with LocalBitcoins in the last few hours? Let us know in the comments below!
Images courtesy of Shutterstock
Source link
