OKEx and Bitfinex Suffer a DDoS Attack
In what's turning into a series of crypto exchanges with issues this month, Bitfinex and OKEx have both reported a distributed denial-of-service (DDoS) attack.
(Updated at 15:10 UTC with a statement by Bitfinex CTO, Paolo Ardoino, in the third and fourth paragraphs.)
Just this morning (UTC time), Bitfinex took to Twitter to notify the user that they are investigating what seems to be a DDoS, sharing a status page for further updates on the matter.
A DDoS attack is used to flood a website from many different sources in order to disrupt the service and make it unavailable. It's like intentionally crowding a shop from all sides, not letting actual buyers come in.
Paolo Ardoino, CTO at Bitfinex, told us that “the attacker tried to exploit concurrently several platform features to increase load in the infrastructure." While they use a variety of different prevention mechanisms to guard against such attack, "the huge number of different IP addresses used and the sophisticated crafting of the requests towards our API v1 exploited an internal inefficiency in one of our non-core process queues, explains the CTO.
"The matching engine, websockets and core services were not affected by the DDoS attack. However, it was of paramount importance to speedily react in order to avoid any damage escalation. The decision to enter in maintenance was not due to the inability of the platform to resist, rather it was a decision taken in order to quickly bring in the countermeasures and patch for all similar attacks,” Ardoino concludes.
The problem seems to have been promptly resolved. Less than an hour later, Bitfinex stated that "all issues relating to the DDoS attack have now been resolved." The platform has resumed the services an a "stricter protection level" has been implemented.
Ardoino said that "all funds remained safe during the whole attack and high-trading-performance is now fully re-established."
However, as Chief Business Officer at OKEx tweeted, somebody's been "causing trouble" over at their website as well.
Sorry to hear you are dealing with the same issue. Someone is causing trouble here, every exchange should be highly vigilant.— Cryptosis9_OKEx (@Cryptosis9_OKEx) February 28, 2020
An OKEx spokesperson told Cryptonews.com that the exchange "did experience a DDoS attack last night, in fact today as well." The spokesperson added that, thanks to the technical support and monitoring, the situation "was properly handled within short period of time and no oversea client is impacted. We do not tolerate misbehavior and will continue getting well-prepared in protecting users."
CEO of OKEx, Jay Hao, commented on the scale of the attack, saying: "We've detected a planed DDoS attack to our site, 200G yesterday & 400G just now." He also said on his Weibo that this was a "large-scale DDoS attack" launched by the exchange's competitors, apologizing to users for the inconvenience and stating that the team remains watchful.
Matthew Graham, CEO of the China-based advisory company Sino Global Capital, noted that there are rumors in China that the attack comes from another major exchange, but that he's seen no evidence.
Meanwhile, futures and options trading were temporarily suspended on OKEx this morning in order to implement a system upgrade.
In regards to both exchanges being attacked in the same day, OKEx's spokersperson said that they "wouldn't say it is a coordinated attack with Bitfinex." Bitfinex's Ardoino wasn't aware of an attack on OKEx, but said that there was "a level of sophistication that means a deep preparation from the attacker."
Seems the real attack. Attacker showed us his hand and allowed us to quickly prevent this from happening in the future, no matter the scale.— Paolo Ardoino (@paoloardoino) February 28, 2020
While I'm saying this I'm touching balls (as we say in Italy) or touching wood.
JK: I'm 100% confident in our solution
Meanwhile, Singapore-based exchange CoinHako (which is backed by venture capitalist Tim Draper) has reported what it termed "a sophisticated attack" on February 21, which resulted in unauthorized cryptocurrency transactions and "fewer than 20 accounts [...] affected." All affected users have been fully reimbursed, and additional security measures have been implemented on February 25.
As reported, last year EOS seems to have suffered a DDoS attack, which has been followed by severe network congestion. And other issues have been plaguing exchanges and networks this year. Just recently, FCoin declared insolvency, said it'll close down, then announced to its dissatisfied clients it'll reopen; DeFi platform bZx was attacked, then attacked again; and IOTA was hacked, having its mainnet still on pause.