Local Bitcoins, a Bitcoin platform that allows the user to buy, sell and trade the cryptocurrency, recently reported a security breach that took place on the platform, through their official Reddit platform.
The Bitcoin peer-to-peer platform has been contributing to the adoption of the cryptocurrency since 2012, with the platform recording a global volume of over $129 million at its peak. Additionally, the exchange currently records the highest volume in Venezuela, a country well-known for its economic crisis.
The exchange stated that they detected a security vulnerability around 10:00 UTC on January 26, 2019. The platform further stated that through the vulnerability, the hacker[s] could access and send transactions from several compromised accounts. Following this, the exchange stated that they disabled outgoing transactions for a short duration in order to investigate the vulnerability. They stated:
“We were able to identify the problem, which was related to a feature powered by a third party software, and stop the attack. At the moment, we are determining the correct number of users affected – so far six cases have been confirmed. For security reasons, the forum feature has been disabled until further notice.”
Currently, the outgoing transactions have been re-enabled and the exchange claims to have taken the necessary actions required to “address this issue” and also secure the accounts that could have been exploited by the hacker[s]. The exchange said:
“Your LocalBitcoins accounts are currently safe to log in and use – we encourage you to enable Two-factor authentication, if you have not yet. We sincerely apologise for any inconvenience this might have caused.”
The attack lasted for around five hours, according to reports, and during this timeframe, users were redirected to a phishing site, which resembled the LocalBitcoin login page. This was followed by the hacker[s] retaining information such as their log-in credentials. The hacker[s] was able to successfully siphon around 7.95205862 BTC [currently valued at $27,246.85].
DoubleClickBTC, a Redditor, said:
“The fact that there are only 6 effected users is astonishing and shows that Localbitcoins threat detection and prevention system is extremely efficient as this exploit could of easily hurt the site alot more.”
This hack took place days after another cryptocurrency exchange, Cryptopia, reported a security breach, resulting in the platform losing control over a massive amount of customer’s funds. The exchange reportedly lost over $16 million worth of Ethereum and ERC20 tokens.
Source: Read Full Article