LocalBitcoins vulnerability: 6 case of stolen funds confirmed as of now

[magneto]

Thanks for letting us know. I actually had no idea of this until I came across this thread.

It's really a bit surprising to me though how small of an amount has actually been compromised, when an entire forum has been breached into. I wouldn't doubt if the hacker has held onto some account details which at the time did not have any funds in them, because just 6 cases seems to be way too small

Even if you didn't sign into the forum during this time it's probably best to be safe, change your password and enable 2FA if you haven't already. It's a good thing that LBC is taking responsibility it seems and refunding people, which is at least professional on their part.

wow this is pretty scary, was it the first time happening???

I like localbitcoin and always thought its a pretty good site, not that fancy but usability is totally there

I hope more safe system will be in place to avoid this kind of scary hacks

Don't think it's the first time that LBC has given us a scare. I remember back in the days it used to be down every once in a while and people would panic. Small hacks had happened a few years back as well.

[1714632858]

1714632858

[1714632858]

1714632858

[1714632858]

1714632858

[1714632858]

1714632858

[1714632858]

1714632858

[Ucy]

Looks like localbitcoins managed to shut this down pretty quickly after it started up actually, but the hackers still managed to make off with just shy of 8 BTC ($28,000) from 5 users (assuming that 1 address is the only address they used). Wonder if localbitcoins will compensate the users affected?

Once again, we have to wonder why users keep leaving large amount of funds on exchanges. Say it with me now: Not your keys, not your bitcoin. Not your keys, not your bitcoin. Not your keys, not your bitcoin. Not your keys, not your bitcoin.

Of course there will be compensation. It's not the users fault that the company's vault was robbed by thief.
 If a thief robs a bank, breaks the bank vault and steal people gold/jewelry, the bank are responsible for keeping the gold safe and will definitely compensate the owners.

[o_e_l_e_o]

I wouldn't doubt if the hacker has held onto some account details which at the time did not have any funds in them, because just 6 cases seems to be way too small

I don't think doing that would be of any benefit to the hacker. The whole point of this attack was that it was stealing 2FA codes via the forum and using them to log in to exchange accounts. Keeping username and passwords would be no use unless the hacker had another way of stealing 2FA codes.

Of course there will be compensation. It's not the users fault that the company's vault was robbed by thief.
 If a thief robs a bank, breaks the bank vault and steal people gold/jewelry, the bank are responsible for keeping the gold safe and will definitely compensate the owners.

A bank is regulated and insured. Many crypto exchanges are not. Of course they should compensate the losses, but there have been many hacks in the past that haven't. It's by no means guaranteed.

[mk4]

Of course there will be compensation. It's not the users fault that the company's vault was robbed by thief.
 If a thief robs a bank, breaks the bank vault and steal people gold/jewelry, the bank are responsible for keeping the gold safe and will definitely compensate the owners.

The example you gave really doesn't apply with bitcoin/cryptocurrency exchanges, also as reasoned out by o_e_l_e_o. From all the exchanges that got hacked since the rise of bitcoin and cryptocurrencies in general, has every single exchange compensated their users of the stolen funds? No. Most, if not all went bankrupt instead.