- All user data and Bitcoins are safe;
- The site will be down for a while as the system is being rebuilt
DetailsLocalBitcoins hosting provided received a request to restart the LocalBitcoins.com website server and give access to the server console (root) on Sat May 3 13:32:27. LocalBitcoins team did not initiate this request. For now, it looks like the request was made using spoofed email addresses and other weakness in the hosting provider support system.
- LocalBitcoins team was alerted about the abnormal activity when the hosting provider restarted the server.
- The attacker gained a root access to the server for ~40 minutes before the attacker was kicked out and the server shutdown.
- All data on the website server is encrypted. Manual actions are needed to make this data readable, so the attacker could not gain access to the data even when having a server console access.
- Bitcoins in hot wallet and cold wallet are safe, as LocalBitcoins runs its bitcoind and wallets on a separate server.
- LocalBitcoins team has started to rebuild the website server on fresh hardware.