Bitcoin Forum

Is anyone else having trouble with Localbitcoins website?

http://www.downforeveryoneorjustme.com/localbitcoins.com

Thanks mate - Wow i'm such a dinosaur, cheers - handy site  :D


Was working just 9 minutes ago?

They haven't posted anything yet but here are links to their socials:

https://twitter.com/LocalBitcoins

http://localbitcoins.blogspot.co.uk/

Yup, it is down here as well.

You can find a few people reporting the site down already.
https://twitter.com/search?f=realtime&q=localbitcoins&src=typd

Down here too :(

Yep... seems it is globally down. DDOS ?

Cheers J,

Normally very good with their announcements/server maintenance, strange?

Don't like how close to the Hour they went offline  :-\  

Cheers for the link Pony - They recently migrated to Swiss servers, hope they are not under attack!

Hope no one was in middle of a trade  :)

Whilst Localbitcoiners are waiting for news, might as well speculate. Do you think issue has anything to do with new security upgrades? :

 New LocalBitcoins security features

We have rolled out some new user facing security features this week.

You cannot use the same LocalBitcoins logged in session across different IP addresses. This prevents session hijacking attacks against LocalBitcoins users, but may also cause minor inconvenience for the legit users. This is especially case if you use LocalBitcoins on a mobile device where your IP address may change often.

LocalBitcoins may interrupt your normal website actions in the case there is a chance that the action  might not be started by the legit user account owner. In this case you will get an email verification to ensure that it was you who really wanted to perform the action.

Probably not otherwise they would have issued a statement, seems most likely to be DDOS.

Yeah, was thinking whether the site automatically closes, during a possible breach.

Pretty shit but think you are right bro.

During their last migration/upgrade last week - We all got an "Internal Server Error" screen but now, nothing as if the site is server-less

It's down for me too.

why they do not say something on twiter .....?

Best we can do is wait and hope they are getting a handle on this to resolve brother

At least there's a few of us following, so when more news breaks, you'll hear about it  :)

Saturday, May 3, 2014
Attack against LocalBitcoins infrastructure 3.5.2014
LocalBitcoins received a very dangerous attack against the site infrastructure on Saturday 3.5.2014.
For now

    All user data and Bitcoins are safe;
    The site will be down for a while as the system is being rebuilt

Details
LocalBitcoins hosting provided received a request to restart the LocalBitcoins.com website server and give access to the server console (root) on Sat May 3 13:32:27. LocalBitcoins team did not initiate this request. For now, it looks like the request was made using spoofed email addresses and other weakness in the hosting provider support system.

    LocalBitcoins team was alerted about the abnormal activity when the hosting provider restarted the server.
    The attacker gained a root access to the server for ~40 minutes before the attacker was kicked out and the server shutdown.
    All data on the website server is encrypted. Manual actions are needed to make this data readable, so the attacker could not gain access to the data even when having a server console access.

It is very unlikely that the attacker gained access to any data;  LocalBitcoins is still performing full investigation on the matter.

    Bitcoins in hot wallet and cold wallet are safe, as LocalBitcoins runs its bitcoind and wallets on a separate server.
    LocalBitcoins team has started to rebuild the website server on fresh hardware.

LocalBitcoins team will make further announcements when the investigation proceeds and the site becomes available again.  We expect to spend at least 24 hours on this. LocalBitcoins team apologizes the issues the downtime may cause to the users.

Thanks for update rockhound.

Cheers, German IP


So looks like good-ish news, good to know they're on it?

40 minutes access is a bit too long

Anyway, these guys are vigilant and have enough security measures to prevent such hacking  :)

Agree with you there J - That's a pretty large window!

But hopefully during that time with root access, might have left a trail for police to chase (i know that's unlikely)

Well, they responded quickly enough so that is indeed a good thing. However the social engineering attack against the hosting provider should not have succeeded in the first place. The data may be safe and recoverable, but the 24-hour downtime is still bad for business.

Fair enough to the guys for having a setup that is decent enough that even rooting the machine gets the attackers no where.

More worrying though, why on earth are LBC using an (obviously shit) hosting provider and not co-locating their OWN machines in their OWN SECURE RACK in a SECURE facility?

Good point Uhoh - not sure exactly why they moved from German to Swiss servers? Might have been a cost/security/jurisdiction issue.

Think the notice did state that they do keep all KYC/Phones Number/Email data on a separate server. Hopefully that's not in the same place!

They initially gave a 24Hr ETA on fix, so we should hear more from them very soon, if it takes any longer.

LBC is up again.

Good man Escrow!



"We are restoring the site and you can log in already. Some contacts might not yet be available. Transactions are delayed."