DDoS Attacks on Bitfinex and OKEx were Sophisticated and Probably Connected

Cybersecurity has always been a major challenge for the cryptocurrency industry, and several DDoS attacks against top crypto firms have been recorded in recent times.

The past few weeks have not been particularly rosy for a
number of crypto exchanges, including Coinhako, Digitex, Bitfinex, and OKEx.
The companies have experienced different levels of security breaches.

However, these attacks did not lead to the loss of any funds, and all the affected exchanges are reportedly back online and in full operation.

Last week, Bitfinex and OKEx, two major crypto exchanges,
were hit by DDoS attacks. The OKEx exchange was the first to receive the onslaught.
However, the exchange was quick to mitigate the attack and the actors could not
cause much harm to its systems.

As the exchange was still trying to mitigate the attack, OKEx’s chief executive Jay Hao, on his Weibo page, blamed the incident on unspecified competitors.

The attack consumed about 200 GB per second of traffic before increasing to 400 GB in the second wave, in a series of attacks that lasted for two days.

Given the level of traffic consumed, the director of financial markets at OKEx, Lennix Lai, concluded that the attack was a very sophisticated one that may involve state actors.

But OKEx was able to deal with the DDoS attack within a
short period of time, although the second wave of attack was a little more
difficult to handle.

After the OKEx security team carried out temporary maintenance on the systems, there was a second wave of DDoS attack. This time, it was more serious than the first wave. The second wave of attack disabled futures and options trading. According to OKEx’s spokesperson, the two attacks were different and completely unrelated to each other.

Another crypto exchange, Coinhako, also revealed that it was recently hit by a sophisticated DDoS attack, and the incident is unrelated to other hacking incidents.

According to the exchange, “unauthorized cryptocurrency
transactions were found from Coinhako accounts and sent out.”

To prevent any damage or exposure to its data, Coinhako deactivated the “send” option. After patching its systems and carrying out the necessary maintenance procedures, the company announced on February 29 that it is fully back online with more stringent security measures.

As OKEx was still battling to mitigate the DDoS attack on its platform, the hackers turned their attention to Bitfinex. As the exchange’s status page revealed, the DDoS attack on its system lasted for about an hour. During that period, the exchange’s throughput fell close to zero and the platform was not able to execute any trades. This led to an upsurge in traffic on competitors’ platforms.

However, Paolo Ardoino, chief technology officer at
Bitfinex, informed reporters that the company decided to go offline in order to
deal with the situation speedily.

He said that although the DDoS attacks did not affect the exchange’s WebSockets and main services, it was important to react quickly to prevent any escalation of the attack. He further said that the company’s decision to go offline and start maintenance immediately wasn’t because it could not stop the attack while online. Bitfinex took the decision in order to use countermeasures and prevent any further attacks on the network.

Ardoino also pointed out that the DDoS attack on Bitfinex’s system was sophisticated and well-planned. The attackers wanted to exploit different platform features to increase the infrastructure load. He said the enhanced design of the requests and the large number of different IP addresses utilized in the attack show how sophisticated the attack was.

The attackers tried to exploit the internal vulnerability of the exchange’s non-core process queues. He further explained that they were fully prepared with everything to cause severe disruption in Bitfinex’s portal. However, the exchange has enough security checks in place to reduce the extent of damage from the attack.

The cryptocurrency market is still young, but it has already started facing a series of security challenges. These security challenges are one of the reasons why many people are still skeptical about the feasibility of investing in the industry. No one wants to lose a major investment to hackers, nor does anyone want to invest in an insecure company.

According to a recent report from KPMG, the cryptocurrency
industry has witnessed the theft of more than $9.8 billion since 2017. That’s
frightening for a growing industry.

But security companies are coming up with innovative strategies to help companies prevent or mitigate these attacks. There is optimism in the industry that the extent of crypto theft will reduce drastically as the public becomes more aware of the technology and security outfits develop stricter security protocols.