Blockchain Security

Distributed Denial Of Service Attacks In Cryptocurrency Exchanges

CyStack Avatar

CyStack Editor

Content Executive @ Marketing Team|April 5, 2023

Information security is not only necessary in traditional transactions but also in cryptocurrency exchanges. One of the most common types of cyber attack is DDoS. Normally, three out of four cryptocurrency platforms are targets of DDoS attacks.

Cryptocurrency exchanges

Crypto trading platforms vary regarding crypto-asset, trading volume, fee, and local law system. The cryptocurrency exchange has experienced dramatic growth, however, these platforms have not kept up with the pace. This makes crypto trading a hub for hackers and fraudsters. 

Distributed Denial of Service attacks (DDoS)

The following is one of the most notorious DDoS attacks in the world:

Bitfinex in Hong Kong:

At that time, Bitfinex was leading the market in terms of the trading volume. In December 2017, it faced continuous attacks, which made it not operate normally.

“The cause is a DDoS attack. A person or group is intentionally trying to cause the platform to not operate normally. The level of DDoS protection is being adjusted to fend off the attack.”

– Bitfinex (@bitfinex) December 04, 2017

Besides, Bitfinex also faced an application layer attack or DDoS layer 7. Bitfinex stated that it was a DDoS in the form of micro-deposits and withdrawals.

What is a DDoS attack?

A DDoS attack happens when a hacker tries to disrupt the traffic of one server, service, or network maliciously by a flood of internet traffic. Normally, when a website is attacked by a DDoS, it suddenly becomes slow or unreachable. However, further analysis proves that it is the result of a DDoS attack or only a spike in traffic. The following are typical signs of a DDoS attack:

  • A flood of traffic originating from one IP address.
  • Traffic from users sharing a similar profile in terms of device, location, or web version.
  • A suspicious increase in access to one page.

There are 3 main types of DDoS attacks: volume-based attack, protocol attack, and application layer attack. Each type of DDoS attack targets a specific component of a network connection.

 A network has 7 layers:

  • Layer 1: Physical layer
  • Layer 2: Datalink layer
  • Layer 3: Network layer
  • Layer 4: Transport layer
  • Layer 5: Session layer
  • Layer 6: Presentation layer
  • Layer 7: Application layer

Common types of DDoS attack

  • Application layer attack (Layer 7 DDoS attack): The application layer attack is the most difficult one to defend against. It aims to exhaust the target’s resources to create a denial of service. 

HTTP flood is a typical example of an application layer attack. This type of attack is called “flood” because it is like refreshing a web browser again and again on many different computers at the same time, which results in a denial of service.

  • Protocol attack: It makes use of vulnerabilities in layer 3 and layer 4 to cause service disruption and make the targeted site inaccessible.

SYN flood is an example of a protocol attack. This happens when a large number of Initial Connection Requests are sent to the network. The target responds to each connection request but the request will never happen. Therefore, the target’s resources are exhausted, which makes the site unavailable.

  • Volume-based attack: Using this method, attackers create massive traffic to target victims.

DNS amplification is a popular example. 

How to mitigate DDoS attacks?

To mitigate DDoS attacks, firms should carefully consider whether it is malicious traffic or normal traffic. Besides, an attack can target multiple layers of the network, which makes the mitigation process even more difficult. 

The following are some popular solutions to DDoS attacks:

  • Blackhole routing
  • Rate limiting
  • Web application firewall
  • Penetration testing

The number of cryptocurrency exchanges is increasing rapidly, which leads to a rise in cyber security threats. Cyber-attacks cause substantial financial loss. Therefore, not only firms but also users should take careful consideration about security in the cryptocurrency exchanges.

Related posts

Advantages and Disadvantages of Smart Contracts in Blockchain
Advantages and Disadvantages of Smart Contracts in Blockchain
March 24 2023|Blockchain Security

Advantages and disadvantages of smart contracts – do you want to learn more about the two sides of this hot blockchain technology? Smart contracts are the heart of the hotcake blockchain, whose long-live has been confirmed for decades; the greatly exaggerated death of crypto exposes significant limitations of the blockchain and the core smart contracts. …

How To Perform A Smart Contract Audit
How To Perform A Smart Contract Audit
March 24 2023|Blockchain Security

Smart contracts are complex programs, and as a result, it is hard to get security right. This can be a problem when huge amounts of assets are attached to them on blockchains. In addition to financial loss, security flaws can erode the reputation of the affected platforms and vendors. Experienced experts can offer additional assistance …

Security In Web3: How Does It Differ From Web 2.0 Security?
Security In Web3: How Does It Differ From Web 2.0 Security?
March 24 2023|Blockchain Security

Web 3.0 advocates promise a massive improvement in security for users. Most of it comes from blockchain technology’s resistance to human intervention. In general, transactions are irreversible, and users enjoy their anonymity. That said, we have still observed some similar cybersecurity trends between Web 2.0 and Web 3.0. A whole new iteration of the internet …