Posted on January 28, 2019 at 6:29 PM
A P2P crypto exchange called LocalBitcoins reported a security breach on Saturday, January 26th. According to the exchange, a feature powered by a third-party software allowed attackers unauthorized access to users’ accounts, which they had their funds stolen. The exchange has yet to reveal which forum widget was responsible for allowing hackers to conduct the attack. So far, LocalBitcoins has reported that there are six confirmed cases of the breach.
— LocalBitcoins.com (@LocalBitcoins) January 26, 2019
The attack resulted in a theft of nearly 8 BTC
The attack started on Saturday, at around 05:00 ET (10:00 UTC), and it was on-going for nearly five hours, which is when the exchange managed to disrupt it. During the attack, users who tried to access the exchange’s forum ended up being redirected to a fake login page that collected their login credentials if users attempted to access their accounts.
In cases where accounts were protected by the two-factor authentication, hackers’ fake page also asked users for a one-time code that would grant them access. While there is no need for crypto traders to keep their funds on the platform when they are buying digital coins, sellers still need to use LocalBitcoin’s own wallet for storing coins that are waiting to be sold. It is estimated that around 7.9 BTC ($28,200) was stolen from the six accounts that were confirmed to be compromised.
LocalBitcoins responded to the attack by taking down the forum, and disabling transactions on the platform until the vulnerability has been removed. The exchange then continued the trading activity on Sunday, January 27th. However, they also announced that the forum would remain disabled for the time being, due to security concerns.
The company’s statement also claims that they have taken a number of additional measures to address the issue and secure accounts that are believed to be in danger of being exposed. While the attackers did manage to intercept 2FA codes and access some of the accounts, the exchange still recommends that their customers enable this level of protection, as their accounts remain more vulnerable without this security feature.
The attack is among minor ones when it comes to crypto-related hacks, as some of the previous ones managed to steal millions from the exchanges and their customers. Even so, it stands to show that the security within the crypto space still leaves much to be desired. While the incident is only a type of phishing attack, it should serve as a reminder that the users themselves need to be careful when accessing websites, especially those belonging to crypto exchanges.
This hack is also a continuation of a long string of similar incidents that have occurred in recent years. While the attackers often have different motivations depending on what they are targeting, the attacks on exchanges remain particularly persistent ever since cryptocurrencies started attracting attention in 2017.
Exchanges’ users are advised to implement strong security measures, such as the previously mentioned two-factor authentication, as well as long, complex passwords.