A link to a phishing LocalBitcoins clone website had reportedly been placed on the official LocalBitcoins forum.
A link to a phishing LocalBitcoins clone website had been placed on the official LocalBitcoins forum, but the attack has since been stopped. A LocalBitcoins community manager warned of the attack on Reddit on Jan. 26.
According to the post, an unidentified hacker or hacker group detected a security vulnerability in the LocalBitcoins forum and linked it to a phishing forum. Even before the official communication, a Reddit user warned in a post on the Bitcoin (BTC) subreddit:
“When visiting the localbitcoins forum […] users are prompted to log into their account, as if they have been logged out. This only seems to happen if you are already logged in. This is is [SIC] a PHISHING SITE and 2FA codes are being used to empty customer accounts. Withdrawals have since been suspended by LocalBitcoins.”
The alleged address of the hacker (or hackers) — identified in the comments by a user who claims to have been hacked — has received a total of 7.95205862 BTC in five different transactions, which is equivalent to about $28,134 at press time. The user also urges:
“Please get the address 13WaahhsiGph4ysmQtjVhVTdgQUSL62KJr blacklisted on exchanges.”
In the Reddit post published by the community manager, LocalBitcoins claims that the identified vulnerability was contained in third-party software, and confirmed six known cases of users being affected.
The company also reportedly stopped the attack and re-enabled outgoing transactions (which were temporarily disabled). Still, the post notes that the forum feature is still disabled until further notice.
As Cointelegraph recently reported, following international police collaboration, a 36-year-old individual suspected of the theft of over $11 million in IOTA through another phishing scam was arrested.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.