LocalBitcoins compromised, users scammed of Bitcoin in phishing attack

posted 5 months ago
Users of the P2P Bitcoin trading service LocalBitcoins have been scammed by cyber criminals as part of a phishing scam, resulting in the user’s Bitcoin being stolen. Forum users were being redirected to a phishing site, which was prompting the users to input 2FA codes that were used to access user accounts and empty them of all their Bitcoin.

According to a Reddit post by u/bitcoinbabeau, LocalBitcoins has been compromised and the site’s forum landing page has been redirecting users to a phishing site. Once at the phishing site – designed to closely mimic the actual LocalBitcoins forum in order to dupe users – users were prompted to login and enter sensitive 2fa codes. After the hackers gained access to the user’s account data, the accounts were then emptied of all Bitcoin.

Reddit users also suggest that the hacker “used some sort of script to use the 2FA code entered by the user to withdraw the Bitcoin.” Users can protect themselves by always double-checking the URL of the page they are currently on, and should always look for the lock next to the URL indicating that the page has a secure connection, and by owning the private key to their bitcoins.
Tags: bitcoin, news