A couple of hours ago, an urgent message was posted to Reddit warning all users of LocalBitcoins to remove their funds from their wallets. The user claimed that 5BTC were debited from his or her account without permission and that other users were experiencing the same issue.
LocalBitcoins have now responded through their blog, informing us that malware hit their systems, adding that fewer than 30 people have been affected.
So far we have found one systematic and recent attack against LocalBitcoins users, and right now it seems that the amount of users attacked have been under 30, and amount of bitcoins reported has been less than that. The common pattern between these cases has been that prior the transaction there have been login to the account, and the fact that none of the users affected had 2-factor authentication enabled. Most likely explanation to these attacks have been stolen user credentials through phishing or malware. So far nothing indicates that this have been a security flaw on the website itself, but we are going to continue investigating the case.
Some users posted to say that they have enabled two-step authentication but have still been affected by this malicious code.
Are you a LocalBitcoins user? Have you been affected? Let us know below.