Third-party software under scrutiny for LocalBitcoins security breach

It is feared that a hacker presence may be behind the theft of $28,000 that was lifted from user accounts, following the phishing of login details and 2FA one-time credentials, reports find.

The peer-to-peer cryptocurrency exchange platform, LocalBitcoins, recently said that it had suffered a data breach at around 10AM UTC. The tech firm stated that the attack continued for nearly five hours before the intrusion was identified and measures taken to stop the activity.

However, within that crucial five-hour window, users of the LocalBitcoins service said that they kept being rerouted to a mock-up page of the LocalBitcoins login page.

When on the fake credentials page, hackers would gather the login details from users, attempt to access the victim’s account and then demand a two-factor authentication (2FA), in the event that the accounts were protected by such technology.

Upon discovering the malicious attach, LocalBitcoins removed the affected forum and withdrew functionality for transactions on its portal, thus stopping any nefarious parties from taking money from compromised accounts.

The cryptocurrency exchange then resumed trading, after the publication of an analysis of its probe into the hack.

On Reddit, the company stated:

“We were able to identify the problem, which was related to a feature powered by a third-party software. For security reasons, the forum feature has been disabled until further notice.”

No further details have yet come out on which platform function served as the weak spot for hackers to exploit, through which the malicious code would have been directed to put genuine account users into confusion.

Hackers were successful in acquiring funds through the scam, LocalBitcoins confirmed. The organisation said that six accounts had been hit in total, discovered at the time of the investigations post-mortem.

Thus far, it appears that 7.95295862 bitcoins carrying a value of $28,200 were stolen from five of the user accounts, according to a Bitcoin address that victims exchanged online which it was claimed belonged to the cyber criminal in question.

LocalBitcoins has recommended to users that they enable 2FA one-time codification, even though the hacker was able to intercept these details, because using the technology will still provide better levels of protection moving forward.

In a statement, LocalBitcoins said:

“Your LocalBitcoins accounts are currently safe to log in and use – we encourage you to enable Two-factor authentication, if you have not yet.”


Photo Credit: Marco Verch

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.