A new type of malware has been blamed for the bitcoin theft
Users of LocalBitcoins, a peer-to-peer marketplace for the virtual currency, had their funds stolen this week after the service’s chat client was hacked.
An estimated 17 BTC (around £2,539) was lifted from customer wallets, though the company has said that all users affected will be granted full refunds after taking steps to address security vulnerabilities
LocalBitcoins VP, Nickolaus Kangas, told CoinDesk that he believed the hackers were using a new kind of malware that could bypass the service’s existing security measures and gain access to wallets through the LiveChat feature.
He said, “The attacker used that LiveChat access to spread some kind of Windows executable, which probably was some new kind of keylogger software which is not yet detected by virus protection mechanisms. If the user got that executable installed, with some social engineering, the attacker managed to get access to different accounts of those victims.”
The majority of Bitcoin thefts today are the result of inadequate wallet security that means hackers can steal private keys to users’ funds.
LocalBitcoins now recommends that all customers ensure they are using rigorous security measures, such as two-factor authentication, to protect their accounts.