It appears that LocalBitcoins' LiveChat feature was compromised earlier today, and that the attacker fooled some users with a trojan and proceeded to withdraw coins from their accounts. An administrator for LB posted the following message on the LB forums:
As you might be aware, the livechat accounts used by localbitcoins.com were compromised. Within those chats the impostor provided links to download executables, which probably had key loggers or other malicious software. If you had a chat with the support within the last 3 hours, please do not open it, click any links or download anything provided by the support on the chat.
We are now investigating the magnitude of this case, and will be in touch with the users who might have been affected by this as soon as possible.
Users affected by the compromise reportedly received the following email:
Hi,
As you might be aware, localbitcoins livechat account was compromised, and the attacker provided malicious links to users who opened the chat. Right now it looks like your account was affected by this attack.
Regarding losses which were related to your localbitcoins account, we will provide you refund as soon as you have ensured that:
– Your computer is fully safe again. We recommend you to reinstall the OS completely.
– reset your localbitcoins password and email password related to your localbitcoins account
– Enable two factor authentication and login guard.
Regarding any damages happened with desktop wallets or 3rd party services, we need more information regarding that before we can consider reimbursements from those cases.
I am really sorry for the all inconvenience and harm affected.
— Best regards, Nikolaus
Three users reportedly lost a total of 17 BTC:
Right now it seems that in total 3 users were affected, and about 17 BTC were stolen through those attacks in total. We will be in touch with those users regarding refunds.
Although LB has stated it will cover the loss, some users are reporting additional thefts from other sites as a result of having been compromised via chat. It's unknown at this time whether LB intends to cover these losses for users who ran random *.exe files, even though it was LB's own service that was compromised.