- The ’24 hours to respond’ meme holds celebrities to a higher standard Monday 8:46 PM
- Twitter users miss the kids who walked in on their dad’s interview Monday 8:40 PM
- ‘The Thing About Men’ Twitter hashtag is full of sarcasm and misogyny Monday 7:27 PM
- This woman said Hillary Clinton losing the 2016 election gave her PTSD, and people are furious Monday 6:45 PM
- Vanessa Bryant files a lawsuit against helicopter company after deaths of Kobe and Gianna Monday 5:49 PM
- Michael Jordan cries at Kobe Bryant memorial, jokes about creating a new meme Monday 4:43 PM
- Woman’s boyfriend says it’s him or the frogs—Reddit says choose the frogs Monday 4:22 PM
- Greyhound buses will no longer allow Border Patrol checks Monday 4:04 PM
- ‘Eat Them To Defeat Them’ is oddly about vegetables—not about eating the rich Monday 3:26 PM
- Marco Rubio mocked for filming talking while driving socialism critique Monday 2:54 PM
- QAnon believer asks Trump’s campaign press secretary who Q is Monday 2:36 PM
- Octavia Spencer has discovered ‘Ma’ memes—and she can’t get enough Monday 2:09 PM
- Meet the anti-Greta Thunberg, a climate ‘skeptic’ funded by the oil industry Monday 1:12 PM
- Harvey Weinstein convicted of rape and sexual assault Monday 12:56 PM
- Senator calls Facebook’s current election disinformation efforts ‘inadequate’ in letter Monday 12:11 PM
LocalBitcoins exchange confirms security breach, stolen bitcoins
Are users to blame?
LocalBitcoins, a decentralized Bitcoin exchange with more than 100,000 users, confirmed reports of a security breach after multiple users complained their digital cash had vanished.
It started when LocalBitcoins user “don4of4” posted on the site’s forums around noon ET on Thursday, writing that she or he lost more than 4 bitcoins despite having a password surpassing 30 random characters and enabling a two-step authentication to log in to his account.
Other users chimed in saying they too had lost bitcoins. On Reddit and Twitter, users warned others to withdraw their funds from LocalBitcoins.
— Patrona Partners (@PatronaPartners) April 17, 2014
At around 2 p.m. ET, the Finland-based company responded to users on the forums saying they were investigating the situation. After about two hours, LocalBitcoins posted an update to its blog, reporting that the breach affected fewer than 30 users and fewer than 30 bitcoins (about $15,000, at current exchange rates).
“Most likely explanation to these attacks have been stolen user credentials through phishing or malware,” LocalBitcoins wrote. “So far nothing indicates that this have been a security flaw on the website itself, but we are going to continue investigating the case.”
The update, posted in broken English, doesn’t fully match up to users’ reports, as it claims that none of the affected users had two-factor authentication enabled.
Bitcoin owners have good reason to be on edge these days. It has been less than two months since Mt. Gox, once the world’s largest Bitcoin exchange, shut down after losing hundreds of millions of dollars of customers’ bitcoins in an apparent hack. Earlier this month, researchers exposed the Heartbleed bug, a catastrophic security flaw that sent shockwaves across the entire Internet.
Unlike most Bitcoin exchanges, which facilitate fully online transactions, LocalBitcoins matches buyers and sellers by geographical location for face-to-face exchanges of cash for Bitcoins. The company’s 110,000 active traders make it the largest decentralized market in the world, according to ArcticStartup.
The LocalBitcoins security incident comes just a day after Mycelium Bitcoin Wallet, a popular Android app, launched a feature that facilitates local transactions, which is almost identically to LocalBitcoins. There is no evidence that the two events are linked.
Update: LocalBitcoins published another more-detailed update on this hack, further supporting the company’s previous statement that the security breach does not reflect a site-wide problem.
Photo by BTC Keychain/Flickr (CC BY 2.0)
Fran Berkman is a technology reporter whose work for the Daily Dot focused on cryptocurrencies and internet freedom. In April 2017, he joined BuzzFeed as the deputy director of news curation.