The information appeared that popular p2p website trading bitcoins LocalBitcoins was hacked. Founded in 2012, LocalBitcoins has become one of the most popular p2p bitcoin trading platforms in the world.
LocalBitcoins allows users to place ads in which they specify the desired exchange rate and payment method for buying or selling BTC. Interested parties can arrange a meeting with a person, purchase BTC in cash or trade directly using online banking. Bitcoins are placed on the wallets of the platform, where users can pay for purchases directly.
According to reports on Reddit, when visiting the page leading to the LocalBitcoins forum, users are prompted to login to their account as if they were logged out.
Sending 2fa user codes to a hacker occurs only if the user is logged in. It is reported that the withdrawal of funds from the platform is temporarily suspended. The platform has also disabled its forum.
It is assumed that this address belongs to the attacker, it has already sent 7.95 BTC using five separate transactions. At current rates, this amount is approximately $ 28,000.
At the time of writing, LocalBitcoins has not made an official statement regarding the alleged phishing attack. However, users are advised to refrain from logging in before the official announcement.
Phishing attacks are common in the crypto space: last year, the popular ERC-20 myetherwallet wallet became a target for an attack using DNS spoofing, then users transferred account data to hackers.