Following yesterday's statement from LocalBitcoins regarding issues with its wallet service, the website has released its follow-up investigation report.
The LocalBitcoins team wrote in the report's introduction:
Report walks through hack claims
LocalBitcoins presented an activity timeline of user don4of4 (who initially posted on Reddit), including 17th April, when the wallet intrusion took place.
The site's team identified that, unlike previous logins by the user, someone accessed the site via a Tor browser and had access to don4of4's two-factor authentication key generator.
LocalBitcoins surmised that whoever accessed the user's account had gained access to his mobile device, which don4of4 told the team was used to store the two-factor codes.
The report read:
LocalBitcoins added that it does not currently offer session fixation as a security measure. However, the development team will look into the matter as a possible future offering for users.
LocalBitcoins addresses withdrawal problems
As stated previously, concerns regarding the site's integrity resulted in increased withdrawal traffic. Withdrawal delays led to increased anxiety among the site's users.
LocalBitcoins said in its report:
The site added that the majority of its bitcoins are in cold storage.
Wallet malware issues detailed
LocalBitcoins' initial 17th April statement suggested that a malware intrusion had resulted in the loss of some users' wallet credentials.
The investigation report elaborated on this point, saying:
The report also recommended that all users adopt two-factor authentication for their accounts, saying that the site is unable to tell the difference between a user login and one from an unauthorised source.
Tough landscape for wallet owners
Malware targeting bitcoin wallets has increased significantly in number in the past year, posing problems for users who don't keep their bitcoins in cold storage.
A recent report by cybersecurity firm Kaspersky Lab showed a sharp increase in bitcoin wallet intrusions and attempted intrusions in 2013, compared to 2012 levels.
A separate study conducted by digital security firm Dell SecureWorks found that nearly 150 strains of malware were circulating on the internet as of February 2014.