Crypto Exchanges OKEx and Bitfinex Suffer Simultaneous DDoS Attacks

Published at: Feb. 28, 2020

Cryptocurrency exchanges OKEx and Bitfinex are suffering multiple denial of service attacks. It is unclear as of now if the attacks are connected, though OKEx CEO blamed competitors on his personal Weibo page.

OKEx first suffered a distributed denial of service (DDoS) attack on Feb. 27 at approximately 11:30 AM EST. CEO Jay Hao posted on his personal Weibo page as the attack was unfolding, blaming unnamed competitors in the attack. The attack routed as much as 200 gigabytes per second of traffic, which put strain on OKEx systems.

At approximately 4:30 AM EST on Feb. 28, the denial of service attacks resumed. This time Bitfinex was hit as well, as announced by the exchange’s Twitter account.

The Bitfinex status page shows that the attack lasted for an hour until 5:30 AM, severely crippling the exchange’s activity during that period as throughput fell close to zero.

In the same timeframe, OKEx was attacked again with another DDoS attack, as tweeted by Hao. The new denial attack reportedly routed 400 gigabytes per second of traffic, twice as much as the previous one.

An OKEx representative told Cointelegraph that the denials of service were “properly handled within a short period of time and no overseas client is impacted.”

The attack was conducted shortly after “temporary system maintenance” was completed, which had options and futures trading disabled during the maintenance period. The representative stated that the two events are completely unrelated.

Bitfinex representatives stated that the team implemented a “stricter protection level” as normal activity was resumed.

Bitfinex CTO Paolo Ardoino shared more information about the attack with Cointelegraph. He explained:

 

“The attacker tried to exploit concurrently several platform features to increase load in the infrastructure. While we use many different DDoS prevention mechanisms, the huge number of different IP addresses used and the sophisticated crafting of the requests towards our API v1 exploited an internal inefficiency in one of our non-core process queues.”

While he says that the platform was not affected in its core services and could resist the attack, he decided to enter maintenance to “quickly bring in the countermeasures and patch for all similar attacks.”

What could be the culprit?

Bitfinex CTO, Paolo Ardoino, revealed in a tweet that the attack was “very sophisticated,” with the team having “worked hard to completely annihilate it in a short period of time.”

In a follow-up tweet, he revealed that he was not aware of the OKEx attacks, but was “interested to understand similarities.” He added:

“We've seen a level of sophistication that means a deep preparation from the attacker. Good news: this family of attacks won't work again against Bitfinex.”

While Hao had initially blamed competitors, this was before the next attacks. It is unclear if they are connected with each other. While DDoS attacks are highly disruptive, their short duration is unlikely to alter the competitive landscape between exchanges.

Tags
Related Posts
‘Digileaker’ Claims to Have Stolen KYC Documents for 8,000 Digitex Users
An ex-employee of cryptocurrency derivatives exchange Digitex began leaking stolen Know-Your-Customer (KYC) on Telegram. The stolen data reportedly includes passport and driving license scans and other sensitive documentation pertaining to more than 8,000 Digitex customers. The Seychelles-based exchange issued Cointelegraph a statement indicating that it is not currently able to comment on the incident and is seeking legal counsel: “Digitex Futures is aware of a leak of confidential data. We are not able to comment fully on the incident at this time and are currently seeking legal counsel. However, we can confirm that this was not an external hack but …
Blockchain / Feb. 29, 2020
DDoS Attacks on OKEx and Bitfinex Were Sophisticated, Possibly Related
As the cryptocurrency industry continues to mature, security remains a major challenge. Over the last few weeks, a number of cryptocurrency exchanges — namely, OKEx, Bitfinex, Digitex and Coinhako — have experienced security breaches. Although the attackers apparently did not manage to steal any funds, one of the incidents resulted in a leak of Know Your Customer data. All of the breaches have reportedly been dealt with as of press time, and all of the affected exchanges are back online. OKEx and Bitfinex targeted in a series of DDoS attacks Two different major crypto exchanges were reportedly hit with distributed …
Blockchain / March 3, 2020
Bitfinex Launches Staking in Response to Customer Demand
Major cryptocurrency exchange Bitfinex has become the latest exchange to offer staking services to customers. Announced April 3, Bitfinex will offer staking rewards up to 10% per annum on crypto assets underpinned by a Proof-of-Stake algorithm. "We're committed to engaging our existing users and the wider community with new products and innovations," said Bitfinex’s CTO, Paolo Ardoino. "The Bitfinex Staking Rewards Program provides our users with another avenue to increase their holdings on our platform." Bitfinex introduces staking in response to customer demand Ardoino states that Bitfinex’s clients asked for staking to be introduced, noting that staking allows traders to …
Technology / April 7, 2020
The DeFi craze continues as exchanges rush to list popular tokens
OKEx is the latest cryptocurrency exchange to hop on the DeFi bandwagon. On August 28, they announced listings for eight different DeFi tokens, including Band Protocol (BAND), JUST (JST), REN, Reserve Rights (RSR), Yearn.finance (YFI), Nexus Mutual (wNXM), YFII.finance (YFII), and Tellor (TRB). These new listings expand their DeFi suite to a total of 27. OKEx’s CEO, Jay Hao, praised the DeFi sphere, stating: “OKEx has been keenly observing the DeFi market dynamics and trying our best to collaborate with high-quality innovative DeFi projects that show the most potential. We are very encouraged to see so many excellent projects emerging …
Technology / Aug. 28, 2020
OKEx Exec Calls Binance's CoinMarketCap Ranking 'Shameless'
OkEx chief strategy officer, Alysa Xu, called out crypto data site CoinMarketCap, or CMC, for its recent exchange ranking rationale, proclaiming the platform dead. "Fairness and justice are the basis of all rankings," Xu said in a May 15 post on Chinese microblogging site Weibo. "CMC is dead, and we mourn together tonight." CoinMarketCap recently changed its ranking metrics Binance recently rose to the top of CMC's crypto exchange rankings after the data site changed the rationale by which it composed its list. CMC now shows exchanges ranked in order of web traffic, instead of liquidity or volume. Binance acquired …
Technology / May 15, 2020