LocalBitcoins Suffered from Phishing Attack, Reveals Security Breach
LocalBitcoins, an international peer-to-peer platform for selling and buying BTC, has undergone a phishing attack and security breach. Only the limited number of clients are affected.
LocalBitcoins is a P2P platform where anyone can exchange cryptocurrency. Over the weekend, the company announced a hacker attack, which resulted in some customers losing access to the account.
According to the crypto platform’s Reddit, on Saturday morning, the company found a breach in the security system. An unknown person got access to several accounts and began to transfer money from its wallets. The company has temporarily frozen transactions.
The service was able to identify the source. According to the report, it is associated with a “feature powered by third-party software. LocalBitcoins managed to stop the attack. The company still investigating how many customers suffered from the attack. There are already only 6 confirmed cases. Now, transactions on the platform are working correctly.
On the same day, one of the Twitter users noticed the attackers had created a duplicate site of the LocalBitcoins forum web page. With it, they lured out users’ two-factor authorization (2FA) data, which allowed them to access client accounts.
According to another Reddit user who was allegedly attacked, the problem indeed lies in 2FA. When he tried to log into his account and entered the 2FA code, the service knocked out him and showed an error. He managed to enter the profile a second time, and then he noticed his account was robbed.
LocalBitcoins did not confirm that the info about the phishing site. But for the sake of customer safety, the platform has closed access to the forum.