OKEx and Bitfinex Hit With DDoS Attacks, Recover Quickly
Exchange owners describe "sophisticated" attack plan
Share this article
Cryptocurrency exchanges OKEx and Bitfinex have been hit by distributed denial-of-service (DDoS) attacks on Feb. 28. While both exchanges confirmed that the issues were resolved and no user funds were stolen during the attacks, the events sparked an industry-wide debate about security.
DDoS Attacks Exchanges
OKEx and Bitfinex, two high-profile global cryptocurrency exchanges, have both been hit with DDoS attacks.
The first attack happened on OKEx in the early hours of Feb. 28. In response, OKEx announced a temporary suspension of futures and options trading earlier this morning but has since resumed all trading on the platform.
Jay Hao, the CEO of OKEx, said that the exchange suffered from a “large-scale” attack but that its technical support team managed to spot the attack and resolve the issue before any users were affected. In a Weibo post, Hao said he believes that OKEx “competitors” were behind the attack.
Just hours after OKEx resolved the issue, cryptocurrency exchange Bitfinex fell victim to the same type of attack.
Paolo Ardoino, the chief technical officer at Bitfinex, said that the exchange was subject to a “very sophisticated” DDoS attack. He noted that the issue was resolved in one hour thanks to the Bitfinex team and that all user funds remained safe during the attack.
The exchange announced that all services on the platform have resumed.
Carefully Planned Attacks
While the attacks managed to inflict any serious damage, Ardoino said that he was interested in understanding similarities between them. He believes that the complex nature of the attacks showed that they were slowly and carefully premeditated.
“We’ve seen a level of sophistication that means a deep preparation from the attacker,” he tweeted.
Ardoino also noted that this “family of attacks” won’t be able to affect Bitfinex any more thanks to strict protection levels implemented by the platform.
OKEx also confirmed that the attacks on its platform were also carefully planned. The exchange detected another attack planned for today, Hao said on Twitter. He assured OKEx users that the exchange was secure and that their funds will remain safe.
We've detected a planed DDOS attack to our site, 200G yesterday & 400G just now.
A message to OKEx users & communities: Be assured, OKEx is well-prepared to deal with these attacks, we have and will always protect our users no matter what. https://t.co/T7Um4G16w7
— Jay Hao (@JayHao8) February 28, 2020
Nonetheless, Hao called on the crypto community to provide information about the attacks on OKEx and Bitfinex. He offered to double the bounty of those involved in the attack if they were willing to expose the buyer of the DDoS attacks.
Distributed denial-of-service (DDoS) attacks aren’t new to the crypto industry. However, after seeing a surge in popularity in 2017, they have been more sporadically used in the past couple of years.
This type of attack attempts to disrupt the normal functioning of a targeted network by overwhelming it with a flood of usually fake traffic. This prevents normal traffic, or in the case of OKEx and Bitfinex—traders, from accessing the targeted services.
When targeting a large-volume crypto exchange, DDoS attacks can cause massive damages both to the platform and its users, as it prevents the exchange from collecting trading fees and locks users’ funds throughout the duration of the attack.