Bitfinex, which claims to be “the largest and most advanced cryptocurrencies exchange,” is back up after being slammed to the mat by multiple DDoS attacks over the past weeks.
On Tuesday, the exchange said it was trying to squirm out from under a “heavy” distributed denial-of-service (DDoS) attack…
We are currently under heavy DDOS. API is also down. We are working on further mitigation.
— Bitfinex (@bitfinex) December 12, 2017
Bitfinex had said on Thursday of last week that it had suffered “significant” DoS attack for several days:
Bitfinex has been under significant denial-of-service attack for the past several days. The attack has recently worsened. Please monitor https://t.co/u3pYCWdhHY for ongoing updates.
— Bitfinex (@bitfinex) December 7, 2017
In fact, there was also a DDoS attack a few weeks before that:
Bitfinex is under DDoS attack. The DDoS attack started during earlier maintenance and has been ongoing since.
— Bitfinex (@bitfinex) November 26, 2017
Well, all that DDoS wrestling paid off, at least for now: as of Thursday morning, the status page showed that all Bitfinex systems were good to go.
Great news. But how does all this DDoS nastiness jibe with Bitfinex’s assurance that it sprays on DDoS repellent?
We are protected by automatic Distributed Denial of Service protection to ensure that trading cannot be halted by outside attacks.
Bitfinex has had a tough time of it: In August 2016, robbers mugged the Hong Kong exchange, stealing nearly 120,000 bitcoins, valued at the time at $72 million.
We don’t know how Bitfinex’s DDoS protection works but we do know that those responsible for such attacks are continuously innovating their methods.
At any rate, Bitfinex said that one part of the most recent DDoS attack was to create hundreds of thousands of new accounts, causing stress on the infrastructure. The exchange therefore temporarily disabled new user signups, to both put up a roadblock against the attackers and to improve service for its existing customers.