Blockchain Security

Distributed Denial Of Service Attacks In Cryptocurrency Exchanges

CyStack Avatar

CyStack Editor

Content Executive @ Marketing Team|April 5, 2023

Information security is not only necessary in traditional transactions but also in cryptocurrency exchanges. One of the most common types of cyber attack is DDoS. Normally, three out of four cryptocurrency platforms are targets of DDoS attacks.

Cryptocurrency exchanges

Crypto trading platforms vary regarding crypto-asset, trading volume, fee, and local law system. The cryptocurrency exchange has experienced dramatic growth, however, these platforms have not kept up with the pace. This makes crypto trading a hub for hackers and fraudsters. 

Distributed Denial of Service attacks (DDoS)

The following is one of the most notorious DDoS attacks in the world:

Bitfinex in Hong Kong:

At that time, Bitfinex was leading the market in terms of the trading volume. In December 2017, it faced continuous attacks, which made it not operate normally.

“The cause is a DDoS attack. A person or group is intentionally trying to cause the platform to not operate normally. The level of DDoS protection is being adjusted to fend off the attack.”

– Bitfinex (@bitfinex) December 04, 2017

Besides, Bitfinex also faced an application layer attack or DDoS layer 7. Bitfinex stated that it was a DDoS in the form of micro-deposits and withdrawals.

What is a DDoS attack?

A DDoS attack happens when a hacker tries to disrupt the traffic of one server, service, or network maliciously by a flood of internet traffic. Normally, when a website is attacked by a DDoS, it suddenly becomes slow or unreachable. However, further analysis proves that it is the result of a DDoS attack or only a spike in traffic. The following are typical signs of a DDoS attack:

  • A flood of traffic originating from one IP address.
  • Traffic from users sharing a similar profile in terms of device, location, or web version.
  • A suspicious increase in access to one page.

There are 3 main types of DDoS attacks: volume-based attack, protocol attack, and application layer attack. Each type of DDoS attack targets a specific component of a network connection.

 A network has 7 layers:

  • Layer 1: Physical layer
  • Layer 2: Datalink layer
  • Layer 3: Network layer
  • Layer 4: Transport layer
  • Layer 5: Session layer
  • Layer 6: Presentation layer
  • Layer 7: Application layer

Common types of DDoS attack

  • Application layer attack (Layer 7 DDoS attack): The application layer attack is the most difficult one to defend against. It aims to exhaust the target’s resources to create a denial of service. 

HTTP flood is a typical example of an application layer attack. This type of attack is called “flood” because it is like refreshing a web browser again and again on many different computers at the same time, which results in a denial of service.

  • Protocol attack: It makes use of vulnerabilities in layer 3 and layer 4 to cause service disruption and make the targeted site inaccessible.

SYN flood is an example of a protocol attack. This happens when a large number of Initial Connection Requests are sent to the network. The target responds to each connection request but the request will never happen. Therefore, the target’s resources are exhausted, which makes the site unavailable.

  • Volume-based attack: Using this method, attackers create massive traffic to target victims.

DNS amplification is a popular example. 

How to mitigate DDoS attacks?

To mitigate DDoS attacks, firms should carefully consider whether it is malicious traffic or normal traffic. Besides, an attack can target multiple layers of the network, which makes the mitigation process even more difficult. 

The following are some popular solutions to DDoS attacks:

  • Blackhole routing
  • Rate limiting
  • Web application firewall
  • Penetration testing

The number of cryptocurrency exchanges is increasing rapidly, which leads to a rise in cyber security threats. Cyber-attacks cause substantial financial loss. Therefore, not only firms but also users should take careful consideration about security in the cryptocurrency exchanges.

Bài viết liên quan

Hợp đồng thông minh mở ra phương thức mới cho các thỏa thuận pháp lý, nhưng các doanh nghiệp cần thận trọng khi sử dụng
Hợp đồng thông minh mở ra phương thức mới cho các thỏa thuận pháp lý, nhưng các doanh nghiệp cần thận trọng khi sử dụng
05/04/2023|Blockchain Security

Hợp đồng thông minh cung cấp rất nhiều lợi ích, nhưng hãy tìm hiểu lý do tại sao những lợi ích đó có thể chỉ là một mặt của con dao hai lưỡi. Lần cuối cùng bạn bị thanh toán chậm là khi nào? Đuổi theo hạn một hóa đơn? Chờ đến lượt nhận lương …

Mạng của Axie Infinity bị hack, thiệt hại hơn 600 triệu USD
Mạng của Axie Infinity bị hack, thiệt hại hơn 600 triệu USD
24/03/2023|Blockchain Security

Theo công bố trên Twitter vào ngày 29/3 vừa qua, Ronin Network – mạng được phát triển cho Axie Infinity, cho biết hệ thống đã bị tấn công với thiệt hại ước tính là 625 triệu đô.  Như vậy, đây là một trong những vụ tấn công tiền ảo lớn nhất tính đến thời điểm …

5 lỗ hổng phổ biến của Hợp đồng thông minh Smart Contract
5 lỗ hổng phổ biến của Hợp đồng thông minh Smart Contract
24/03/2023|Blockchain Security

Hợp đồng thông minh (Blockchain smart contract) rất khó để vận hành đúng. Khả năng lưu trữ giá trị, tính minh bạch và tính bất biến, là ba thuộc tính chính rất cần thiết để hợp đồng thông minh hoạt động hiệu quả. Tuy nhiên, những thuộc tính này cũng khiến cho nhiều hợp đồng …