breach of peer-to-peer exchange trading platform LocalBitcoins led to a series
of unauthorized transactions from a number of accounts.
exchange, which covers more than 16,000 cities around the globe, lets traders buy
and sell Bitcoin in their vicinity. Its tagline, “Instant. Secure. Private”
should no longer hold water following Saturday’s incident, which allowed
hackers to steal funds from at least six of its users.
As per the official announcement, on Jan. 26 at around 10 AM (UTC), LocalBitcoins detected an “unauthorised source” accessing and sending transactions from a number of affected accounts. The exchange immediately disabled outgoing transactions. Still, admins later determined that at least six accounts had been affected.
were able to identify the problem, which was related to a feature powered by a
third party software, and stop the attack,” reads the announcement. “At the
moment, we are determining the correct number of users affected – so far six
cases have been confirmed. For security reasons, the forum feature has been
disabled until further notice.”
transactions have since been re-enabled. The exchange claims to have set up a
number of roadblocks to prevent further unauthorized access. It also advises
its customers to use the two-factor-authentication mechanism available with the
LocalBitcoins service. According to the company, LocalBitcoins accounts are
currently safe to log into and use.
the vulnerability that led to the breach was in the forums page software. The
forum is currently down for maintenance as the team continues to work towards
Two weeks ago, a similar incident was reported in New Zealand where local cryptocurrency exchange Cryptopia suffered a breach that culminated in a lot of empty crypto wallets. The news led some users to speculate that the exchange itself faked the breach as part of an “exit scam.” Local police are investigating the breach, saying that “Cryptopia management and staff have been co-operating with Police and providing considerable assistance in the investigation.”
According to a notice by the New Zealand Police Media Centre, “Good progress is being made and positive lines of enquiry are being developed to identify the source of the transfer, and to identify where the crypto-currencies have been sent.”