Silk Road forums

Discussion => Newbie discussion => Topic started by: phartrails on September 13, 2013, 06:52 am

Title: Localbitcoins.com CSRF passport image scam
Post by: phartrails on September 13, 2013, 06:52 am
Seems a handful of users had a total of 82 btcs stolen from a scammer thats sends users a passport picture that also has an html file attached that executes codes to drain said account. Be careful.
Title: Re: Localbitcoins.com CSRF passport image scam
Post by: Ron Swanson on September 13, 2013, 07:25 am
source?
Title: Re: Localbitcoins.com CSRF passport image scam
Post by: nassy on September 13, 2013, 12:10 pm
more information please dude
Title: Re: Localbitcoins.com CSRF passport image scam
Post by: monesty on September 15, 2013, 06:06 am
Yes it happened. See the localbitcoins.com forums. It only scammed sellers who clicked on a malicious image sent to them over LBC.

LBC has closed the exploit and are refunding all of the lost coins.
Title: Re: Localbitcoins.com CSRF passport image scam
Post by: monesty on September 16, 2013, 03:28 pm
Here is the official blog post:

http://localbitcoins.blogspot.fi/2013/09/post-mortem-bitcoin-stealing-attack.html