[2019-01-26]LocalBitcoins Compromised: Hacker Nets $28,600 Phishing P2P Crypto

[ppblockchain]

The popular peer-to-peer cryptocurrency exchange LocalBitcoins has seemingly been compromised, as users are reporting its forums were redirecting them to a login page that then sent their details to a hacker. An address being shared already has nearly 8 BTC – around $28,600 – in it.

According to a thread on the popular r/Bitcoin subreddit, LocalBitcoins has been compromised by a hacker looking to steal the exchange’s balances. Visiting its forums, they’re prompted with a login screen that implies they’ve been logged out.




Read more : https://paperblockchain.com/localbitcoins-compromised-hacker-nets-28600-phishing-p2p-crypto-exchanges-users/

[1715053010]

1715053010

[1715053010]

1715053010

[squatter]

The popular peer-to-peer cryptocurrency exchange LocalBitcoins has seemingly been compromised, as users are reporting its forums were redirecting them to a login page that then sent their details to a hacker. An address being shared already has nearly 8 BTC – around $28,600 – in it.

According to a thread on the popular r/Bitcoin subreddit, LocalBitcoins has been compromised by a hacker looking to steal the exchange’s balances. Visiting its forums, they’re prompted with a login screen that implies they’ve been logged out.

My heart jumped a bit when I saw the words "LocalBitcoins compromised".... I expected the worst.

This is like when attackers were DNS spoofing the MyEtherWallet domain. This is a really old hacking technique that has little to with LocalBitcoins' security and everything to do with the crappy, centralized DNS. They hijacked the domain registry for the LocalBitcoins forums and a handful of people fell for it by logging in before administrators could shut down the forums. I'm glad the losses were limited to only 8 BTC.

[buwaytress]

Ah, forums it was. Also had a slight worry when I saw this headline, was just on LBC yesterday and today, but really, I shouldn't have been worried. Everything is bookmarked and whitelisted, logins saved... still not sure why people haven't gotten on board with that basic behaviour by now.

Seems like quite a bit of trouble for "only" 8 BTC. Sign that not many people storing btc on LBC? Or of lowering trade volumes? Or LBC traders a bit more savvy than the average?

[squatter]

Seems like quite a bit of trouble for "only" 8 BTC. Sign that not many people storing btc on LBC? Or of lowering trade volumes? Or LBC traders a bit more savvy than the average?

I'm guessing most traders don't normally log in through the forums, or even visit them at all. That's probably why. Plus, it seems like LocalBitcoins shut the forums down within a couple hours.

I had read the compromise was via DNS spoofing the subdomain, but LocalBitcoins says it was "related to a feature powered by a third party software." Probably injection of malicious code into the forum software or something like that.

[davis196]

I'm glad I don't use the localbitcoins forums.
I wonder what kind of hacker could break the localbitcoins login guard+the 2-factor authentication.
The hacker will have to steal more than just login details.They need access to phone and other stuff.