Infrastructure of ‘safe’ LocalBitcoins marketplace ruptured

A site that helps buyers and sellers of the virtual currency meet in person to complete transactions reported “a very dangerous attack” on its system, but claims all user data and money is still safe.

Within hours of abnormal activity occurring on LocalBitcoins’ server, the company notified traders through Twitter. One message contained a link to an existing company blog that provided details on the situation.

The strike was “against the site infrastructure on Saturday 3.5.2014,” LocalBitcoins’ officials wrote on the blog.

It appears the hacker used spoofed email addresses “and other weakness” in technology at the site’s hosting provider to pose as the company and request access to the server, according to officials.

They said the attacker gained “a root access” to the server for about 40 minutes before the attacker was kicked out and the server shutdown, as the hosting provider realized the forgery.

All data was encrypted in a way that requires manual actions to unscramble.

The company is keeping the site partially offline to rebuild the system with new hardware.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.