Today, May 3, 2014 LocalBitcoins reported a “very dangerous attack” on the site’s infrastructure. As of now, LocalBitcoins has released a statement saying that none of their users data or Bitcoins have been affected and in the meantime “the site will be down for a while as the system is being rebuilt.”
LocalBitcoins hosting service had received a request to restart the website’s server that apparently came from a “spoofed email” and other flaws in the hosting provider’s support system.
LocalBitcoins became aware of the situation shortly after this abnormal activity started. The attacker had attained “a root access to the server” for about 40 minutes before they were kicked out and the server shut down.
Since the data on the server was encrypted, LocalBitcoins believes that it is unlikely that the attacker retrieved any information from the site, but is currently investigating the situation. Since LocalBitcoins hot and cold wallets are on a different server they appear to be unaffected. The site said that it would spend approximately 24 hours to rectify the problem and will make further announcements as the situation develops.
This is the second attack on LocalBitcoins within a month. The last attack was on April 17. That time, the attackers did gain access to some users’ wallets that were said to not have 2-factor authentication enabled.
[textmarker color=”C24000″]Source[/textmarker] LocalBitcoins
