Users of popular Bitcoin OTC trading exchange LocalBitcoins are reporting losing their BTC through a phishing attack that was effected earlier today Saturday 26th, January 2019. Following this attack, LocalBitcoins has disabled their forums feature and is currently unavailable.
LocalBitcoins have made a public announcement in regards of the issue in their Reddit page saying:
“We would like to inform that today 26.01.2019 at approximately 10:00:00 UTC, LocalBitcoins has detected a security vulnerability – an unauthorized source was able to access and send transactions from a number of affected accounts. Outgoing transactions were temporarily disabled while we investigated the case.”
Affected users took to the popular Reddit platform to vent their ordeals and warn other users from logging onto the platform. According to a PSA on the platform posted to the r/Bitcoin subreddit, one user going by the pseudonym u/bitcoinbabeau said that visitors to the site’s forum platform were redirected to the hacker’s phishing website.
Once on the phishing website, the victims would be prompted to enter their login details including their two-factor authentication code. The users are led to believe that they have been logged off the system. These details are sent to the hacker who immediately logs into the victims’ accounts and transfers any balances available.
Several users are reporting losing funds, for instance, one Redditor by the user name u/tefl0ncc wrote that:
“Yeah I think I was the first to get cleaned out. 0.14btc. 5 victims going to one wallet. And that’s just one wallet we know about that belongs to the attacker.”
The wallet that u/tefl0ncc refers to has received 5 incoming transactions in the past few hours before the forums were disabled leading us to believe that the funds were stolen through the phishing attack.
In total it has received about 7.95 BTC worth approximately $28,500 as of current rates. However, another user is reporting to have lost about 11 BTC which is more than the above wallet holds. If this is true then the hacker could have pilfered more funds through several other wallets.
According to the official announcement by LocalBitcoins, their first response to the incident was deactivation of outgoing transactions and disabling of the forums. But they have since re-enabled the withdrawals but are yet to re-enable the forums.