Attacker Bags Eight Bitcoin In LocalBitcoins Breach

by Osiris Team


Posted on Jan. 26, 2019, noon
Analytics
Time to read: 1 min
BTC

The crypto market may have slowed, with Bitcoin (BTC) falling by upwards of 70% during yesterday, but ambitious attackers have continued their attempts to breach industry upstarts. Most recently, rumors arose that LocalBitcoins, a popular peer-to-peer, non-conventional exchange, had fallen victim to a security breach.

Per a tweet from Francisco Memoria, a crypto journalist at CryptoGlobe, LocalBitcoins, one of the most popular upstarts in this sector’s history, has purportedly been comprised, with malicious actors netting a minimum of eight BTC, or ~$28,000 worth of the cryptocurrency. How did this happen?

According to Memoria, coupled with a highly-upvoted Reddit thread on the matter, the hacker managed to hack the P2P exchange’s website to execute phishing attacks. It was explained that when users went to the platform’s in-house forum, they were redirected to a suspicious login page, which likely recorded pertinent information, including two-factor authentication codes, that was subsequently relayed to a hacker.

Once password and other bits of information were submitted, supposed victims on the Bitcoin subreddit claimed that their exchange wallets were emptied, allowing the attacker to score thousands of dollars worth of BTC. In a comment on the thread, supposedly issued by a victim who lost 0.14 BTC, a suspicious Bitcoin address was exposed, which had five incoming transactions earlier Saturday. The five incoming transactions, likely pertaining to LocalBitcoins users, amounted to 7.95 BTC. The largest transaction was a jaw-dropping 4.6 BTC. Ouch.

While this hasn’t been confirmed, one Reddit user remarked that his/her 11 BTC was also snatched, but no transaction IDs were flagged or stipulated. However, considering the popularity of LocalBitcoins, there’s a chance that there were more than five victims in this most industry recent security breach.

While there was radio silence on the end of LocalBitcoins’ press and media team for a number of hours, firm representatives have since issued a response on its company subreddit. Vera of LocalBitcoins recently wrote that at 10:00 UTC on Saturday, the team at the upstart detected an “unauthorized source” that possessed the capability to send outgoing transactions from victimized accounts. And as such, the exchange’s team immediately froze transactions, as an investigation commenced.

Per the post-mortem, the still-anonymous attacker was able to breach a third-party software used by LocalBitcoins, but was quickly shut down. Interestingly, Vera claimed that six cases have been all but confirmed, contradicting the five incoming transactions on the suspicious address. This discrepancy wasn’t addressed, so it can be assumed that the hacker managed to siphon funds into another address.

The firm has not addressed whether or not it will be liable for the stolen funds, some of which may have been owned by Venezuelan Bitcoin users, as peer-to-peer cryptocurrency transactions are rather popular in the nation.

This recent debacle comes just weeks after Cryptopia, a New Zealand-based crypto upstart, lost a supposed $16 million of Ethereum and ERC-20 tokens in a surprising breach.


Related links:
Source
Like and comment it on:

More cryptocurrency news

Latest news

CoinMarketCap Crypto Indices Launch on Nasdaq, Bloomberg, Reuters

Two cryptocurrency benchmark indices from data provider CoinMarketCap will launch today on financial data feeds from Nasdaq Global Index Data Service (GIDS), Bloomberg Terminal, Thomson Reuters Eikon (Refinitiv) and Germany’s Börse Stuttgart, as well as on its own platform.


Development
All

March 20, 2019, 1:07 p.m.

The World’s First Nasdaq-Powered Full-Stack Cryptocurrency Ecosystem to Go Live in H1 2019

Nasdaq and Bcause LLC, the developer of the very first “full-stack cryptocurrency ecosystem” have announced that Bcause will use Nasdaq’s proprietary order matching engine.


Development
All

March 15, 2019, 12:37 p.m.

CBOE Will Not List Bitcoin Futures in March, Cites Need to Assess Crypto Derivatives

The Chicago Board Options Exchange (CBOE) will not add a new Bitcoin (BTC) futures market in March, the firm said in a statement on March 14.


Development Regulatory
BTC

March 15, 2019, 12:33 p.m.

Ripple provides $100 million in funding for blockchain gaming developers

Ripple's Xpring today announced it is partnering with blockchain gaming platform startup Forte by providing $100 million for investment in blockchain gaming developers.


Development
XRP

March 13, 2019, 1:59 p.m.

SEC Chairman Clarifies Securities Treatment Around Bitcoin, Ethereum, and Cryptocurrency Broadly

The SEC chairman Jay Clayton provided additional clarity on the securities treatments for cryptocurrency—more specifically by addressing his stance towards William Hinman’s statements about Bitcoin and Ethereum potentially being non-securities.


Analytics Regulatory
BTC ETH

March 13, 2019, 1:51 p.m.

Follow us