La plateforme d’échange de bitcoins LocalBitcoins vient d’annoncer qu’elle a été victime d’une attaque sévère samedi 03 mai 2014. Les données des utilisateurs et les bitcoins stockés ne seraient cependant pas en danger. Le site sera indisponible pendant le temps que durera la réhabilitation du système.
Message affiché sur localbitcoins.com :
LocalBitcoins received a very dangerous attack against the site infrastructure on Saturday 3.5.2014.
– For now All user data and Bitcoins are safe;
– The site will be down for a while as the system is being rebuilt
Details
LocalBitcoins hosting provided received a request to restart the LocalBitcoins.com website server and give access to the server console (root) on Sat May 3 13:32:27. LocalBitcoins team did not initiate this request. For now, it looks like the request was made using spoofed email addresses and other weakness in the hosting provider support system.
– LocalBitcoins team was alerted about the abnormal activity when the hosting provider restarted the server.
– The attacker gained a root access to the server for ~40 minutes before the attacker was kicked out and the server shutdown.
– All data on the website server is encrypted. Manual actions are needed to make this data readable, so the attacker could not gain access to the data even when having a server console access.
It is very unlikely that the attacker gained access to any data; LocalBitcoins is still performing full investigation on the matter.
Bitcoins in hot wallet and cold wallet are safe, as LocalBitcoins runs its bitcoind and wallets on a separate server.
– LocalBitcoins team has started to rebuild the website server on fresh hardware.
– LocalBitcoins team will make further announcements when the investigation proceeds and the site becomes available again. We expect to spend at least 24 hours on this. LocalBitcoins team apologizes the issues the downtime may cause to the users.
